Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox Security Advisory (MFSA2015-148) - Linux
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is missing a security update for Mozilla Firefox.
Insight
Insight
Privilege escalation vulnerabilities in WebExtension APIs Mozilla developer Kris Maglione reported a mechanism where WebExtension APIs could be used to escalate privilege. This could allow arbitrary web content to execute code with the privileges of a particular WebExtension when using these API calls. Depending on the privileges of the extension used, this could result in personal information theft and cross-site scripting (XSS) attacks, including theft of browser cookies. This is mitigated by the requirement to have a WebExtension installed that is vulnerable to this issue.
Affected Software
Affected Software
Firefox version(s) below 43.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
The vendor has released an update. Please see the reference(s) for more information.