Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to bypass certain security restrictions and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 31.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws are due to,
- An error when buffering Web Audio for playback.
- A use-after-free error related to ordering of control messages for Web Audio.
- A use-after-free error in DirectWrite when rendering MathML.
- A use-after-free error when handling the FireOnStateChange event.
- An unspecified error when using the Cesium JavaScript library to generate WebGL content.
- The application bundles a vulnerable version of the Network Security Services (NSS) library.
and Some unspecified errors.
Affected
Mozilla Firefox version before 31.0 on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
- Adobe Air Code Execution and DoS Vulnerabilities (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)