This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Mac OS X host contains a web browser that is potentially
affected by several vulnerabilities.
The installed version of Firefox 9.x is potentially affected by the
following security issues :
- A use-after-free error exists related to removed
nsDOMAttribute child nodes.(CVE-2011-3659)
- Various memory safety issues exist. (CVE-2012-0442,
- Memory corruption errors exist related to the
decoding of Ogg Vorbis files and processing of
malformed XSLT stylesheets. (CVE-2012-0444,
- The HTML5 frame navigation policy can be violated by
allowing an attacker to replace a sub-frame in another
domain's document. (CVE-2012-0445)
- Scripts in frames are able to bypass security
restrictions in XPConnect. This bypass can allow
malicious websites to carry out cross-site scripting
- An information disclosure issue exists when
uninitialized memory is used as padding when encoding
icon images. (CVE-2012-0447)
- Exported 'Firefox Sync' key permissions are not
See also :
Upgrade to Firefox 10.0 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 57773 ()
Bugtraq ID: 5175251753517545175551756517575176551787
CVE ID: CVE-2011-3659CVE-2012-0442CVE-2012-0443CVE-2012-0444CVE-2012-0445CVE-2012-0446CVE-2012-0447CVE-2012-0449CVE-2012-0450
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.