ID de Prueba:	1.3.6.1.4.1.25623.1.0.805477
Categoría:	General
Título:	Mozilla Firefox ESR Multiple Vulnerabilities-01 Mar15 (Windows)
Resumen:	This host is installed with Mozilla Firefox ESR; and is prone to multiple vulnerabilities.
Descripción:	Summary: This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Some unspecified vulnerabilities in the browser engine. - Multiple untrusted search path vulnerabilities in updater.exe. - Use-after-free error in the 'IDBDatabase::CreateObjectStore' function in dom/indexedDB/IDBDatabase.cpp script. - Heap-based buffer overflow in the 'mozilla::gfx::CopyRect' and 'nsTransformedTextRun::SetCapitalization' functions. - Flaw in the autocomplete feature for forms. Vulnerability Impact: Successful exploitation will allow remote attackers to disclose potentially sensitive information, bypass certain security restrictions, cause a denial of service, execute arbitrary code and local privilege escalation. Affected Software/OS: Mozilla Firefox ESR 31.x before 31.5 on Windows Solution: Upgrade to Mozilla Firefox ESR version 31.5 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	BugTraq ID: 72742 BugTraq ID: 72747 BugTraq ID: 72746 BugTraq ID: 72755 BugTraq ID: 72756 Common Vulnerability Exposure (CVE) ID: CVE-2015-0836 http://www.securityfocus.com/bid/72742 Debian Security Information: DSA-3174 (Google Search) http://www.debian.org/security/2015/dsa-3174 Debian Security Information: DSA-3179 (Google Search) http://www.debian.org/security/2015/dsa-3179 https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2015:0265 http://rhn.redhat.com/errata/RHSA-2015-0265.html RedHat Security Advisories: RHSA-2015:0266 http://rhn.redhat.com/errata/RHSA-2015-0266.html RedHat Security Advisories: RHSA-2015:0642 http://rhn.redhat.com/errata/RHSA-2015-0642.html http://www.securitytracker.com/id/1031791 http://www.securitytracker.com/id/1031792 SuSE Security Announcement: SUSE-SU-2015:0412 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html SuSE Security Announcement: SUSE-SU-2015:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html SuSE Security Announcement: SUSE-SU-2015:0447 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:0404 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0448 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0570 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2505-1 http://www.ubuntu.com/usn/USN-2506-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0833 http://www.securityfocus.com/bid/72747 Common Vulnerability Exposure (CVE) ID: CVE-2015-0831 http://www.securityfocus.com/bid/72746 Common Vulnerability Exposure (CVE) ID: CVE-2015-0827 http://www.securityfocus.com/bid/72755 Common Vulnerability Exposure (CVE) ID: CVE-2015-0822 http://www.securityfocus.com/bid/72756
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.