This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Mac OS X host contains a web browser that is potentially
affected by multiple vulnerabilities.
The installed version of Firefox ESR 17.x is earlier than 17.0.8 and
is, therefore, potentially affected by the following vulnerabilities :
- Various errors exist that could allow memory corruption
- Unspecified errors exist related to HTML frames and
workers using 'XMLHttpRequest' that could allow
cross-site scripting attacks. (CVE-2013-1709,
- An unspecified error exists related to generating
'Certificate Request Message Format' (CRMF) requests
that could allow cross-site scripting attacks.
- An error exists related to Java applets and 'file:///'
URIs that could allow read-only access to arbitrary
See also :
Upgrade to Firefox 17.0.8 ESR or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true