Summary
The host is installed with Mozilla Firefox browser and is prone to multiple vulnerabilities.
Impact
Successful exploitation could result in Information Disclosure, XSS, Script Injection, Memory Corruption, CSRF, Arbitrary JavaScript code execution or can cause denial of service attacks.
Impact Level: System/Application
Solution
Upgrade to Firefox version 3.0.9
http://www.mozilla.com/en-US/firefox/all.html
Insight
For more information about vulnerabilities on Firefox, go through the links mentioned in references.
Affected
Firefox version prior to 3.0.9 on Windows.
References
- http://secunia.com/advisories/34758
- http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-16.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-18.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-19.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-20.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-21.html
- http://www.mozilla.org/security/announce/2009/mfsa2009-22.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat Information Disclosure Vulnerability
- Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
- AMSI 'file' Parameter Directory Traversal Vulnerability
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities