Summary
The host is installed with Firefox/Seamonkey and is prone to Information Disclosure vulnerability.
Impact
Successful exploitation will let the attackers obtain the network location of the applications user by logging DNS requests.
Impact Level: Application
Solution
Apply the patch or Upgrade to Mozilla Necko version 1.9.1, https://bug453403.bugzilla.mozilla.org/attachment.cgi?id=346274 http://www.mozilla.com/en-US/products/
*****
NOTE: Ignore this warning, if above mentioned patch is already applied.
*****
Insight
The flaw exists when DNS prefetching of domain names contained in links within local HTML documents.
Affected
Mozilla Firefox and Seamonkey with Mozilla Necko version 1.9.0 and prior on Windows.
References
Severity
Classification
-
CVE CVE-2009-4630 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
- Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)
- Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
- Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)