Ubuntu Security Notice (C) 2009-2015 Canonical, Inc. / NASL script (C) 2009-2015 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
It was discovered that Firefox did not properly perform XUL garbage
collection. If a user were tricked into viewing a malicious website, a
remote attacker could cause a denial of service or execute arbitrary
code with the privileges of the user invoking the program. This issue
only affected Ubuntu 8.04 LTS and 8.10. (CVE-2009-1044)
A flaw was discovered in the way Firefox performed XSLT
transformations. If a user were tricked into opening a crafted XSL
stylesheet, an attacker could cause a denial of service or execute
arbitrary code with the privileges of the user invoking the program.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true