icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mozilla Firefox < 3.5.2/3.0.12 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The installed version of Mozilla Firefox is earlier than 3.5.2/3.0.12. Such versions are potentially affected by multiple issues :

- A denial-of-service vulnerability when Firefox receives a reply from a SOCKS5 proxy which contains a DNS name longer than 15 characters. (CVE-2009-2470) - Multiple flaws exist in the 'libvorbis' library could lead to remote code execution. (CVE-2009-2663)

Solution

Upgrade to Mozilla Firefox 3.5.2/3.0.12 or later.