Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mozilla Firefox Multiple Vulnerabilities - Sep09 (Linux)

Information

Severity

Severity

Critical

Family

Family

Denial of Service

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

3 years ago

Summary

The host is installed with Firefox browser and is prone to multiple vulnerabilities.

Insight

Insight

- Multiple errors in the browser and JavaScript engines can be exploited to corrupt memory. - An error exists when processing operations performed on the columns of a XUL tree element. This can be exploited to dereference freed memory via a pointer owned by a column of the XUL tree element. - An error exists when displaying text in the location bar using the default Windows font. This can be exploited to spoof the URL of a trusted site via Unicode characters having a tall line-height. - An error in the implementation of the 'BrowserFeedWriter' object can be exploited to execute arbitrary JavaScript code with chrome privileges.

Affected Software

Affected Software

Mozilla Firefox version prior to 3.0.14 and 3.5 before 3.5.3 on Linux.

Solution

Solution

Upgrade to Firefox version 3.0.14 or 3.5.3 or later.

Common Vulnerabilities and Exposures (CVE)