Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to inject scripts and bypass certain security restrictions.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 16.0.2 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple errors
- When handling the 'window.location' object.
- Within CheckURL() function of the 'window.location' object, which can be forced to return the wrong calling document and principal.
- Within handling of 'Location' object can be exploited to bypass security wrapper protection.
Affected
Mozilla Firefox version before 16.0.2 on Windows
References
Severity
Classification
-
CVE CVE-2012-4194, CVE-2012-4195, CVE-2012-4196 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
- Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
- Apache Tomcat Multiple Vulnerabilities - 03 Mar14