Summary
This host is installed with Mozilla Firefox ESR
and is prone to spoof vulnerability.
Impact
Successful exploitation will allow attackers
to conduct spoofing attacks.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox ESR version 24.8.1
or 31.1.1 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Flaw exists due to improper handling of
ASN.1 values while parsing RSA signature
Affected
Mozilla Firefox ESR 24.x before 24.8.1 and
31.x before 31.1.1 on Macosx
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1568 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Windows)
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)