Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to execute arbitrary code, memory corruption, bypass certain security restrictions and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 20.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
- Unspecified vulnerabilities in the browser engine - Buffer overflow in the Mozilla Maintenance Service - Not preventing origin spoofing of tab-modal dialogs - Untrusted search path vulnerability while handling dll files - Improper validation of address bar during history navigation - Integer signedness error in the 'pixman_fill_sse2' function in 'pixman-sse2.c' in Pixman
- Error in 'CERT_DecodeCertPackage' function in Mozilla Network Security Services (NSS)
- Improper handling of color profiles during PNG rendering in 'gfx.color_management.enablev4'
- The System Only Wrapper (SOW) implementation does not prevent use of the cloneNode method for cloning a protected node
Affected
Mozilla Firefox version before 20.0 on Windows
References
Severity
Classification
-
CVE CVE-2013-0788, CVE-2013-0789, CVE-2013-0791, CVE-2013-0792, CVE-2013-0793, CVE-2013-0794, CVE-2013-0795, CVE-2013-0797, CVE-2013-0799, CVE-2013-0800 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Air Multiple Vulnerabilities - November12 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)