This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote Mac OS X host contains a web browser that is potentially
affected by multiple vulnerabilities.
The installed version of Firefox ESR 17.x is earlier than 17.0.9 and
is, therefore, potentially affected by the following vulnerabilities :
- Memory issues exist in the browser engine that could
result in a denial of service or arbitrary code
execution. (CVE-2013-1718, CVE-2013-1719)
- Multiple use-after-free problems exist that can result
in denial of service attacks or arbitrary code
execution. (CVE-2013-1735, CVE-2013-1736)
- A buffer overflow is possible because of an issue with
multi-column layouts. (CVE-2013-1732)
of service or arbitrary code execution. Versions of
Firefox 20 or greater are not susceptible to the
arbitrary code execution mentioned above.
compartments can result in denial of service or possibly
arbitrary code execution. (CVE-2013-1725)
- An object is not properly identified during use of
user-defined getter methods on DOM proxies. This can
result in access restrictions being bypassed.
See also :
Upgrade to Firefox 17.0.9 ESR or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false