Test Kennung:	1.3.6.1.4.1.25623.1.0.804042
Kategorie:	General
Titel:	Mozilla Firefox ESR Multiple Vulnerabilities-01 Dec13 (Mac OS X)
Zusammenfassung:	This host is installed with Mozilla Firefox ESR and is prone to multiple; vulnerabilities.
Beschreibung:	Summary: This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function - JavaScript implementation does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs - Use-after-free vulnerability in the nsEventListenerManager::HandleEvent SubType function - unspecified error in nsGfxScrollFrameInner::IsLTR function - Flaw is due to the program ignoring the setting to remove the trust for extended validation (EV) capable root certificates Vulnerability Impact: Successful exploitation will allow attackers to conduct cross-site scripting attacks, bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system. Affected Software/OS: Mozilla Firefox ESR version 24.x before 24.2 on Mac OS X. Solution: Upgrade to Mozilla Firefox ESR version 24.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 64204 BugTraq ID: 64203 BugTraq ID: 64216 BugTraq ID: 64209 BugTraq ID: 64211 BugTraq ID: 64212 BugTraq ID: 64213 Common Vulnerability Exposure (CVE) ID: CVE-2013-5609 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2013:1812 http://rhn.redhat.com/errata/RHSA-2013-1812.html http://www.securitytracker.com/id/1029470 http://www.securitytracker.com/id/1029476 SuSE Security Announcement: SUSE-SU-2013:1919 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00010.html SuSE Security Announcement: openSUSE-SU-2013:1916 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html SuSE Security Announcement: openSUSE-SU-2013:1917 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html SuSE Security Announcement: openSUSE-SU-2013:1918 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html SuSE Security Announcement: openSUSE-SU-2013:1957 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html SuSE Security Announcement: openSUSE-SU-2013:1958 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html SuSE Security Announcement: openSUSE-SU-2013:1959 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html SuSE Security Announcement: openSUSE-SU-2014:0008 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html http://www.ubuntu.com/usn/USN-2052-1 http://www.ubuntu.com/usn/USN-2053-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-5613 Common Vulnerability Exposure (CVE) ID: CVE-2013-5615 Common Vulnerability Exposure (CVE) ID: CVE-2013-5616 Common Vulnerability Exposure (CVE) ID: CVE-2013-5618 Common Vulnerability Exposure (CVE) ID: CVE-2013-6671 http://www.securityfocus.com/bid/64212 Common Vulnerability Exposure (CVE) ID: CVE-2013-6673 http://www.securityfocus.com/bid/64213
Copyright	Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.