VID 28796
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description A version of Mozilla Firefox older than 3.0.16 is installed on the host. Mozilla Firefox is an open-source Web browser developed by the Mozilla project. Firefox versions 3.0.x prior to 3.0.16 are affected by multiple vulnerabilities.

- Multiple memory-corruption bugs can crash the browser and may be exploitable for arbitrary code execution. (MFSA 2009-65)
- The NTLM implementation is vulnerable to reflection attacks, in which NTLM credentials obtained by one application can be forwarded to and used against another application. (MFSA 2009-68)
- Multiple location bar spoofing vulnerabilities exist. (MFSA 2009-69)
- A content window opened by a chrome window retains a reference to that chrome window via the 'window.opener' property, which can be abused for privilege escalation. (MFSA 2009-70)
- The exception messages generated by 'GeckoActiveXObject' differ depending on whether the requested COM object's ProgID is present in the system registry, which lets a Web page enumerate installed COM objects. (MFSA 2009-71)

* Note: This check requires an account with administrative privileges that can log into the host to scan. Without such an account the check is not performed, which yields a false negative for every vulnerable host.
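The check described above amounts to reading the installed Firefox version and comparing it against 3.0.16 on the 3.0.x branch only. The following is an added example, not the scanner's own plugin code and not from Mozilla: it parses the application.ini that Firefox 3.x ships in its install directory (normally C:\Program Files\Mozilla Firefox\application.ini on Windows; in the scanner's case it would be fetched over SMB with the administrative account the note requires) and decides whether the install is affected. The application.ini content below is a constructed sample, and the assumed layout is the [App] Version key of that file.

```python
"""Local version check for Firefox 3.0.x prior to 3.0.16 (MFSA 2009-65/68/69/70/71).

Added example; not the scanner plugin or Mozilla code. Assumes the
[App] Version key layout of Firefox's application.ini.
"""
import configparser
import re

# First version on the 3.0 branch carrying the fixes (from the advisory).
FIXED_IN = (3, 0, 16)

# Constructed sample application.ini, modelled on the Firefox 3.x layout
# (not copied from a real install).
SAMPLE_INI = """[App]
Vendor=Mozilla
Name=Firefox
Version=3.0.15
BuildID=20091019000000

[Gecko]
MinVersion=1.9.0
MaxVersion=1.9.0.*
"""

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def parse_version(text):
    """Return ((major, minor, patch), prerelease) for a Firefox version string.

    Compares numerically, so '3.0.9' sorts before '3.0.16' (a plain string
    comparison gets that backwards). A trailing suffix such as '3.0.16pre'
    or '3.0b5' marks a pre-release build, which sorts before the final
    release with the same numbers and therefore cannot carry the fix.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised Firefox version string: %r" % text)
    major, minor, patch, suffix = m.groups()
    nums = (int(major), int(minor), int(patch or 0))
    return nums, suffix.strip() != ""


def is_affected(version_text):
    """True if the version is on the 3.0.x branch and below 3.0.16."""
    nums, prerelease = parse_version(version_text)
    if nums[:2] != (3, 0):
        # Other branches (e.g. 3.5.x) are outside the scope of this VID.
        return False
    return nums < FIXED_IN or (nums == FIXED_IN and prerelease)


def version_from_application_ini(ini_text):
    """Extract [App] Version from application.ini text, refusing non-Firefox files."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    if cp.get("App", "Name", fallback="") != "Firefox":
        raise ValueError("not a Firefox application.ini")
    return cp.get("App", "Version")


def check_install(ini_text):
    """Return (version string, affected flag) for one application.ini."""
    version = version_from_application_ini(ini_text)
    return version, is_affected(version)


if __name__ == "__main__":
    version, affected = check_install(SAMPLE_INI)
    print("Firefox %s affected: %s" % (version, affected))
```

The branch test matters: a scanner that simply flags "anything below 3.0.16" would also fire on 3.5.x installs, which this VID does not cover, and a scanner that compares version strings lexically would report 3.0.9 as patched.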

* References:
http://www.mozilla.org/security/announce/2009/mfsa2009-65.html
http://www.mozilla.org/security/announce/2009/mfsa2009-68.html
http://www.mozilla.org/security/announce/2009/mfsa2009-69.html
http://www.mozilla.org/security/announce/2009/mfsa2009-70.html
http://www.mozilla.org/security/announce/2009/mfsa2009-71.html

* Platforms Affected:
Mozilla Project, Firefox versions 3.0.x prior to 3.0.16
Microsoft Windows Any version
Linux Any version
Recommendation Upgrade to the latest version of Firefox (3.0.16 or later), available from the Mozilla Firefox Download Web page at http://www.mozilla.org/products/firefox/
Related URL CVE-2009-3979,CVE-2009-3980,CVE-2009-3981,CVE-2009-3982,CVE-2009-3983,CVE-2009-3984,CVE-2009-3985,CVE-2009-3986,CVE-2009-3987 (CVE)
Related URL 37360,37361,37362,37363,37364,37365,37366,37367,37370 (SecurityFocus)