Test Kennung:	1.3.6.1.4.1.25623.1.0.804945
Kategorie:	General
Titel:	Mozilla Firefox Multiple Vulnerabilities-01 Oct14 (Mac OS X)
Zusammenfassung:	This host is installed with Mozilla Firefox; and is prone to multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An error in Alarm API which does not properly restrict toJSON calls. - An error when handling video sharing within a WebRTC session running within an iframe. - Multiple errors in the Public Key Pinning (PKP) implementation. - An use-after-free error when handling text layout related to DirectionalityUtils. - An error when repeatedly rendering a GIF image within a canvas element. - An out-of-bounds error within the 'get_tile' function when buffering WebM format video containing frames. - An out-of-bounds error within 'mozilla::dom::OscillatorNodeEngine::ComputeCustom' method when interacting with custom waveforms. - An error within the 'nsTransformedTextRun' class when handling capitalization style changes during CSS parsing. - An error when handling camera recording within an iframe related to site navigation. - Other unspecified errors. Vulnerability Impact: Successful exploitation will allow attackers disclose potentially sensitive information, bypass certain security restrictions, conduct denial-of-service attack and compromise a user's system. Affected Software/OS: Mozilla Firefox before version 33.0 on Mac OS X Solution: Upgrade to Mozilla Firefox version 33.0 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1586 BugTraq ID: 70427 http://www.securityfocus.com/bid/70427 Debian Security Information: DSA-3050 (Google Search) http://www.debian.org/security/2014/dsa-3050 Debian Security Information: DSA-3061 (Google Search) http://www.debian.org/security/2014/dsa-3061 http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html https://security.gentoo.org/glsa/201504-01 http://www.securitytracker.com/id/1031028 http://www.securitytracker.com/id/1031030 http://secunia.com/advisories/61387 http://secunia.com/advisories/62021 http://secunia.com/advisories/62022 http://secunia.com/advisories/62023 SuSE Security Announcement: openSUSE-SU-2014:1343 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html SuSE Security Announcement: openSUSE-SU-2014:1344 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html SuSE Security Announcement: openSUSE-SU-2014:1345 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2014:1346 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html SuSE Security Announcement: openSUSE-SU-2015:0138 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2372-1 http://www.ubuntu.com/usn/USN-2373-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-1585 BugTraq ID: 70425 http://www.securityfocus.com/bid/70425 Common Vulnerability Exposure (CVE) ID: CVE-2014-1584 BugTraq ID: 70434 http://www.securityfocus.com/bid/70434 Common Vulnerability Exposure (CVE) ID: CVE-2014-1583 BugTraq ID: 70424 http://www.securityfocus.com/bid/70424 RedHat Security Advisories: RHSA-2014:1635 http://rhn.redhat.com/errata/RHSA-2014-1635.html http://secunia.com/advisories/61854 Common Vulnerability Exposure (CVE) ID: CVE-2014-1582 BugTraq ID: 70432 http://www.securityfocus.com/bid/70432 Common Vulnerability Exposure (CVE) ID: CVE-2014-1581 BugTraq ID: 70426 http://www.securityfocus.com/bid/70426 RedHat Security Advisories: RHSA-2014:1647 http://rhn.redhat.com/errata/RHSA-2014-1647.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1580 BugTraq ID: 70431 http://www.securityfocus.com/bid/70431 Common Vulnerability Exposure (CVE) ID: CVE-2014-1578 BugTraq ID: 70428 http://www.securityfocus.com/bid/70428 Common Vulnerability Exposure (CVE) ID: CVE-2014-1577 BugTraq ID: 70440 http://www.securityfocus.com/bid/70440 Common Vulnerability Exposure (CVE) ID: CVE-2014-1576 BugTraq ID: 70430 http://www.securityfocus.com/bid/70430 Common Vulnerability Exposure (CVE) ID: CVE-2014-1575 BugTraq ID: 70439 http://www.securityfocus.com/bid/70439 Common Vulnerability Exposure (CVE) ID: CVE-2014-1574 BugTraq ID: 70436 http://www.securityfocus.com/bid/70436
Copyright	Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.