Summary
This host is installed with Mozilla Firefox and is prone to integer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 25.0.1 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
The flaw is due to integer overflow in the 'PL_ArenaAllocate' function in Mozilla Netscape Portable Runtime (NSPR).
Affected
Mozilla Firefox before version 25.0.1 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-5607 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Flash Media Server Multiple Remote Security Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)