SummaryThis host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
ImpactSuccessful exploitation will allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code, bypass security restrictions, bypass origin restrictions, gain knowledge of sensitive information, run custom code, cause the server to crash and gain privileged access.
Impact Level: System/Application
SolutionUpgrade to Mozilla Firefox version 38.0 or later, For updates refer to http://www.mozilla.com/en-US/firefox/all.html
Vulnerability InsightMultiple flaws are due to: – Flaw in WebChannel.jsm module in Mozilla Firefox. – Integer overflow in libstagefright in Mozilla Firefox. – Buffer overflow in the XML parser in Mozilla Firefox. – Race condition in the ‘nsThreadManager::RegisterCurrentThread’ function in Mozilla Firefox. – Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox. – Flaw in Mozilla Firefox so that does not recognize a referrer policy delivered by a referrer META element. – Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox. – Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox. – Flaw in asm.js implementation in Mozilla Firefox. – Flaw in GStreamer in Mozilla Firefox.
Vulnerability Detection MethodGet the installed version with the help of detect NVT and check the version is vulnerable or not.
Version used: $Revision: 1271 $