Summary
This host is installed with Mozilla Firefox
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers
to disclose potentially sensitive information and compromise a user's system.
Impact Level: Application/System
Solution
Upgrade to Mozilla Firefox version 32.0
or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Insight
Multiple flaws exist due to,
- A use-after-free error when setting text directionality.
- An out-of-bounds read error when creating an audio timeline in Web Audio.
- An error when decoding GIF images.
- A use-after-free error during cycle collection when animating SVG content.
- Some other unspecified errors.
Affected
Mozilla Firefox before 32.0 on Mac OS X
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
- http://secunia.com/advisories/59236
- http://www.mozilla.org/security/announce/2014/mfsa2014-67.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-68.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-69.html
- http://www.mozilla.org/security/announce/2014/mfsa2014-70.html
- https://www.mozilla.org/security/announce/2014/mfsa2014-72.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-1553, CVE-2014-1554, CVE-2014-1562, CVE-2014-1563, CVE-2014-1564, CVE-2014-1565, CVE-2014-1567 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - December12 (Mac OS X)
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Linux)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)