Mozilla SOAPParameter Object Constructor Overlow

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a web browser that is affected by
an integer overflow vulnerability.

Description :

The Mozilla web browser is installed on the remote host.

The remote version of this software has an integer overflow
vulnerability in the SOAPParameter object constructor. This could
result in arbitrary code execution.

A remote attacker could exploit this flaw by tricking a user into
viewing a maliciously crafted web page.

Solution :

Upgrade to Mozilla 1.7.1 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 14192 ()

Bugtraq ID: 10843

CVE ID: CVE-2004-0722

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now