Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mozilla Firefox Multiple Vulnerability July-08 (Linux)

Information

Severity

Severity

Critical

Family

Family

General

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

15 years ago

Modified

Modified

5 years ago

Summary

The host is installed with Mozilla Firefox browser, that is prone to multiple vulnerabilities.

Insight

Insight

Issues in browser are due to, - multiple errors in the layout and JavaScript engines that can corrupt memory. - error while handling unprivileged XUL documents that can be exploited to load chrome scripts from a fastload file via <script> elements. - error in mozIJSSubScriptLoader.LoadScript function can bypass XPCNativeWrappers. - error in block re-flow process, which can potentially lead to crash. - error in processing file URLs contained within local directory listings. - errors in the implementation of the Javascript same origin policy - errors in the verification of signed JAR files. - improper implementation of file upload forms result in uploading specially crafted DOM Range and originalTarget elements. - error in Java LiveConnect implementation. - error in processing of Alt Names provided by peer. - error in processing of windows URL shortcuts.

Affected Software

Affected Software

Firefox version prior to 2.0.0.15 on Linux.

Solution

Solution

Upgrade to Firefox version 2.0.0.15.