Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to bypass certain security restrictions and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 31.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws are due to,
- An error when buffering Web Audio for playback.
- A use-after-free error related to ordering of control messages for Web Audio.
- A use-after-free error in DirectWrite when rendering MathML.
- A use-after-free error when handling the FireOnStateChange event.
- An unspecified error when using the Cesium JavaScript library to generate WebGL content.
- The application bundles a vulnerable version of the Network Security Services (NSS) library.
and Some unspecified errors.
Affected
Mozilla Firefox version before 31.0 on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)
- Adobe AIR Multiple Vulnerabilities-01 Jan15 (Mac OS X)
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)