| VID |
28822 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Mozilla Firefox which is older than 3.6.9 has been installed on the host. Mozilla is an open-source based Web browser, developed by the Mozilla project. Mozilla Firefox versions 3.6.x prior to 3.6.9 are vulnerable to multiple vulnerabilities.
- Multiple memory safety bugs could lead to memory corruption, potentially resulting in arbitrary code execution. (MFSA 2010-49)
- An integer overflow vulnerability in HTML frameset element implementation could lead to arbitrary code execution. (MFSA 2010-50)
- A dangling pointer vulnerability in 'navigator.plugins' could lead to arbitrary code execution. (MFSA 2010-51)
- It is possible to perform DLL hijacking attacks via dwmapi.dll. (MFSA 2010-52)
- A heap overflow vulnerability in function 'nsTextFrameUtils::TransformText' could result in arbitrary code execution on the remote system.(MFSA 2010-53)
- A dangling pointer vulnerability reported in MFSA 2010-40 was incorrectly fixed. (MFSA 2010-54)
- By manipulating XUL <tree> objects it may be possible to crash the browser or run arbitrary code on the remote system. (MFSA 2010-55)
- A dangling pointer vulnerability affects XUL <tree>'s content view implementation, which could allow arbitrary code execution on the remote system. (MFSA 2010-56)
- Code used to normalize a document could lead to a crash or arbitrary code execution on the remote system. (MFSA 2010-57)
- A specially crafted font could trigger memory corruption on Mac systems, potentially resulting in arbitrary code execution on the remote system. (MFSA 2010-58)
- It may be possible to run arbitrary JavaScript with chrome privileges via wrapper class XPCSafeJSObjectWrapper (SJOW). (MFSA 2010-59)
- The 'type' attribute of an <object> tag could override charset of a framed HTML document, which could allow an attacker to inject and execute UTF-7 encoded JavaScript code into a website. (MFSA 2010-61)
- Copy-and-paste or drag-and-drop of an HTML selection containing JavaScript into a designMode document could trigger a cross-site scripting vulnerability.
(MFSA 2010-62)
- It is possible to read sensitive information via 'statusText' property of an XMLHttpRequest object. (MFSA 2010-63)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.mozilla.org/security/announce/2010/mfsa2010-49.html
http://www.mozilla.org/security/announce/2010/mfsa2010-50.html
http://www.mozilla.org/security/announce/2010/mfsa2010-51.html
http://www.mozilla.org/security/announce/2010/mfsa2010-52.html
http://www.mozilla.org/security/announce/2010/mfsa2010-53.html
http://www.mozilla.org/security/announce/2010/mfsa2010-54.html
http://www.mozilla.org/security/announce/2010/mfsa2010-55.html
http://www.mozilla.org/security/announce/2010/mfsa2010-56.html
http://www.mozilla.org/security/announce/2010/mfsa2010-57.html
http://www.mozilla.org/security/announce/2010/mfsa2010-58.html
http://www.mozilla.org/security/announce/2010/mfsa2010-59.html
http://www.mozilla.org/security/announce/2010/mfsa2010-61.html
http://www.mozilla.org/security/announce/2010/mfsa2010-62.html
http://www.mozilla.org/security/announce/2010/mfsa2010-63.html
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9
* Platforms Affected:
Mozilla Project, Firefox versions 3.6.x prior to 3.6.9
Microsoft Windows Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of Firefox (3.6.9 or later), available from the Mozilla Firefox Download Web page at http://www.mozilla.org/ |
| Related URL |
CVE-2010-2760,CVE-2010-2762,CVE-2010-2764,CVE-2010-2765,CVE-2010-2766,CVE-2010-2767,CVE-2010-2768,CVE-2010-2769,CVE-2010-2770 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
