Detections
Analytics
Firefox < 2.0.0.10 Multiple Vulnerabilities
high Log Correlation Engine Plugin ID 800768
Synopsis
The remote Windows host contains a web browser that is affected by multiple vulnerabilities.Description
The installed version of Firefox is affected by various security issues :- Three bugs that can result in crashes with traces of memory corruption
- A cross-site scripting vulnerability involving support for the 'jar:' URI scheme
- A timing issue when setting the 'window.location' property that could be leveraged to conduct cross-site request forgery attacks.
Solution
Upgrade to version 2.0.0.10 or higher.See Also
http://www.mozilla.org/security/announce/2007/mfsa2007-37.html
http://www.mozilla.org/security/announce/2007/mfsa2007-38.html
http://www.mozilla.org/security/announce/2007/mfsa2007-39.html
Plugin Details
Severity: High
ID: 800768
Family: Web Clients
Nessus ID: 28329
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P