Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to conduct clickjacking attacks and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to Mozilla Firefox version 30.0 or later,
For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws are due to,
- An error in the 'PropertyProvider::FindJustificationRange()' function.
- An error in the 'navigator.getGamepads()' method within the Gamepad API.
- An error when handling cursor rendering related to an embedded flash object - A use-after-free error in the 'mozilla::dom::workers::WorkerPrivateParent' class.
- A use-after-free error in the 'nsEventListenerManager::CompileEventHandlerInternal()' function.
- A boundary error related to AudioBuffer channel counts and sample rate range within the Web Audio Speex resampler.
- And some unspecified errors exist.
Affected
Mozilla Firefox version before 30.0 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1533, CVE-2014-1534, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538, CVE-2014-1539, CVE-2014-1540, CVE-2014-1541, CVE-2014-1542, CVE-2014-1543 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Adobe Captivate Insecure Library Loading Vulnerability
- Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)