How to Buy
This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
content. A web page containing such malicious content could cause
Firefox to crash or, potentially, execute arbitrary code as the user
running Firefox. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-2798, CVE-2008-2799, CVE-2008-2811)
Several flaws were found in the way malformed web content was
displayed. A web page containing specially crafted content could
potentially trick a Firefox user into surrendering sensitive
Two local file disclosure flaws were found in Firefox. A web page
containing malicious content could cause Firefox to reveal the
contents of a local file to a remote attacker. (CVE-2008-2805,
A flaw was found in the way a malformed .properties file was processed
by Firefox. A malicious extension could read uninitialized memory,
possibly leaking sensitive data to the extension. (CVE-2008-2807)
A flaw was found in the way Firefox escaped a listing of local file
names. If a user could be tricked into listing a local directory
with the permissions of the user running Firefox. (CVE-2008-2808)
A flaw was found in the way Firefox displayed information about
self-signed certificates. It was possible for a self-signed
certificate to contain multiple alternate name entries, which were not
all displayed to the user, allowing them to mistakenly extend trust to
an unknown site. (CVE-2008-2809)
See also :
Update the affected firefox package.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60433 ()
CVE ID: CVE-2008-2798CVE-2008-2799CVE-2008-2800CVE-2008-2801CVE-2008-2802CVE-2008-2803CVE-2008-2805CVE-2008-2807CVE-2008-2808CVE-2008-2809CVE-2008-2810CVE-2008-2811
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.