VID |
28809 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
A version of Mozilla Firefox older than 3.5.10 is installed on the host. Mozilla Firefox is an open-source web browser developed by the Mozilla project. Mozilla Firefox versions 3.5.x prior to 3.5.10 are affected by multiple vulnerabilities.
- A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. (MFSA 2010-25)
- Multiple crashes can result in arbitrary code execution. (MFSA 2010-26)
- An error in 'nsCycleCollector' may allow access to a previously freed resource leading to arbitrary code execution. (MFSA 2010-27)
- A plugin is allowed to hold a reference to an object owned by a second plugin even after the second plugin is unloaded and the referenced object no longer exists. This could allow arbitrary code execution. (MFSA 2010-28)
- An error in 'nsGenericDOMDataNode' allows a buffer overflow in certain DOM nodes leading to arbitrary code execution. (MFSA 2010-29)
- An XSLT node sorting function contains an integer overflow, leading to application crashes and possible arbitrary code execution. (MFSA 2010-30)
- A cross-site scripting vulnerability exists when content from one domain is embedded in pages from other domains and the 'focus()' function is used, leading to information disclosure. (MFSA 2010-31)
- The HTTP header, 'Content-Disposition: attachment', is ignored when the HTTP header 'Content-Type: multipart' is present. This could allow cross-site scripting to occur. (MFSA 2010-32)
- The pseudo-random number generator is only seeded once per browsing session and 'Math.random()' may be used to recover the seed value allowing the browser instance to be tracked across different web sites. (MFSA 2010-33)
* Note: This check requires an account with administrative privileges that can log into the host being scanned. Without such an account the check is not performed, resulting in a false negative for all vulnerable hosts.
* References:
  http://www.mozilla.org/security/announce/2010/mfsa2010-26.html
  http://www.mozilla.org/security/announce/2010/mfsa2010-27.html
  http://www.mozilla.org/security/announce/2010/mfsa2010-28.html
  http://www.mozilla.org/security/announce/2010/mfsa2010-29.html
  http://www.mozilla.org/security/announce/2010/mfsa2010-30.html
  http://www.mozilla.org/security/announce/2010/mfsa2010-32.html
* Platforms Affected: Mozilla Project, Firefox versions 3.5.x prior to 3.5.10; Microsoft Windows, any version; Linux, any version |
Recommendation |
Upgrade to the latest version of Firefox (3.5.10 or later), available from the Mozilla Firefox Download Web page at http://www.mozilla.org/ |
Related URL |
CVE-2008-5913,CVE-2010-0183,CVE-2010-1121,CVE-2010-1125,CVE-2010-1196,CVE-2010-1197,CVE-2010-1198,CVE-2010-1199 (CVE) |
Related URL |
33276,38952,40701,41082,41087,41090,41093,41094,41100,41102,41103 (SecurityFocus) |