Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Windows)

  1. Network Vulnerabilities
  2. General
  3. Mozilla Firefox Multiple Vulnerabilities-01 Jan15 (Windows)
Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 35.0 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws exist due to, - Some unspecified errors. - An error when rendering a bitmap image by the bitmap decoder within a canvas element. - An error when handling a request from 'navigator.sendBeacon' API interface function. - An error when handling a '407 Proxy Authentication' response with a 'Set-Cookie' header from a web proxy. - A use-after-free error when handling tracks within WebRTC. - An unspecified error related to the GMP (Gecko Media Plugin) sandbox. - An error when handling the 'id-pkix-ocsp-nocheck' extension during verification of a delegated OCSP (Online Certificate Status Protocol) response signing certificate. - An error when handling DOM (Document Object Model) objects with certain properties. - Improper restriction of timeline operations by the 'mozilla::dom::AudioParamTimeline::AudioNodeInputValue' function in the Web Audio API.
Affected
Mozilla Firefox before version 35.0 on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
High Severity
Classification
Related Vulnerabilities