Summary
The host is installed with Firefox/Seamonkey and is prone to Information Disclosure vulnerability.
Impact
Successful exploitation will let the attackers obtain the network location of the applications user by logging DNS requests.
Impact Level: Application
Solution
Apply the patch or Upgrade to Mozilla Necko version 1.9.1, https://bug453403.bugzilla.mozilla.org/attachment.cgi?id=346274 http://www.mozilla.com/en-US/products/
*****
NOTE: Ignore this warning, if above mentioned patch is already applied.
*****
Insight
The flaw exists when DNS prefetching of domain names contained in links within local HTML documents.
Affected
Mozilla Firefox and Seamonkey with Mozilla Necko version 1.9.0 and prior on Windows.
References
Severity
Classification
-
CVE CVE-2009-4630 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Apple Safari Multiple Memory Corruption Vulnerabilities-02 Aug14 (Mac OS X)
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
- Adobe Reader Information Disclosure Vulnerability Jun05 (Mac OS X)