icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mozilla Firefox < 3.0.8 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Firefox prior to 3.0.8 are affected by the following security issues :

- An XSL transformation vulnerability can be leveraged with a specially crafted stylesheet to crash the browser or to execute arbitrary code. (MFSA 2009-12) - An error in the XUL tree method '_moveToEdgeShift()' can be leveraged to trigger garbage collection routines on objects that are still in use, leading to a browser crash and possibly execution of arbitrary code. (MFSA 2009-13)

Solution

Upgrade to Firefox 3.0.8 or higher.