Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox ESR Multiple Vulnerabilities - Nov15 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are exists due to, - Lack of status checking in CryptoKey interface implementation. - Lack of status checking in 'AddWeightedPathSegLists' and 'SVGPathSegListSMILType::Interpolate' functions. - Buffer overflow in the 'rx::TextureStorage11' class in ANGLE graphics library. - An error in 'web worker' when creating WebSockets. - Java plugin can deallocate a JavaScript wrapper when it is still in use, which leads to a JavaScript garbage collection crash. - Buffer underflow in 'libjar' triggered through a maliciously crafted ZIP format file. - An error in implementation of CORS cross-origin request algorithm. - Buffer overflow in the 'JPEGEncoder' function during script interactions with a canvas element. - Trailing whitespaces are evaluated differently when parsing IP addresses instead of alphanumeric hostnames. - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox. - Multiple memory corruption issues in NSS and NSPR.
Affected Software
Affected Software
Mozilla Firefox ESR version 38.x before 38.4 on Windows
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Mozilla Firefox ESR version 38.4 or later.