Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox Security Updates( mfsa_2017-15_2017-16 )-MAC OS X
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities.
Insight
Insight
The multiple flaws exists due to, - Use-after-free using destroyed node when regenerating trees. - Use-after-free during docshell reloading. - Use-after-free with track elements. - Use-after-free with content viewer listeners. - Use-after-free with IME input. - Out-of-bounds read in WebGL with ImageInfo object. - Privilege escalation through Firefox Installer with same directory DLL files. - Use-after-free and use-after-scope logging XHR header errors. - Use-after-free in IndexedDB. - Vulnerabilities in the Graphite 2 library. - Out-of-bounds read in Opus encoder. - Android intent URLs can cause navigation to local file system. - File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service. - File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application. - Addressbar spoofing in Reader mode. - Mac fonts render some unicode characters as spaces. - Domain spoofing with combination of Canadian Syllabics and other unicode blocks. - Mark of the Web bypass when saving executable files. - File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service. - Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service. - 32 byte arbitrary file read through Mozilla Maintenance Service. - Addressbar spoofing with JavaScript events and fullscreen mode.
Affected Software
Affected Software
Mozilla Firefox version before 54.0 on MAC OS X.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Upgrade to Mozilla Firefox version 54.0 or later.