Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox Multiple Vulnerabilities - June 13 (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws due to, - PreserveWrapper does not handle lack of wrapper. - Error in processing of SVG format images with filters to read pixel values. - Does not prevent inclusion of body data in XMLHttpRequest HEAD request. - Does not properly handle onreadystatechange events in conjunction with page reloading. - Profiler parses untrusted data during UI rendering. - System Only Wrapper (SOW) and Chrome Object Wrapper (COW), does not restrict XBL user-defined functions. - Use-after-free vulnerability in 'nsIDocument::GetRootElement' and 'mozilla::dom::HTMLMediaElement::LookupMediaElementURITable' functions. - Maintenance Service does not properly handle inability to launch the Mozilla Updater executable file. - Multiple unspecified vulnerabilities in the browser engine. - Internationalized Domain Name (IDN) does not properly handle the .com, .name, and .net top-level domains. - Does not properly implement DocShell inheritance behavior for sandbox attribute of an IFRAME element. - 'getUserMedia' permission references the URL of top-level document instead of a specific page. - XrayWrapper does not properly restrict use of DefaultValue for method calls. - Does not properly enforce the X-Frame-Options protection mechanism.
Affected Software
Affected Software
Mozilla Firefox versions before 22.0 on Windows
Solution
Solution
Upgrade to Mozilla Firefox version 22.0 or later.