GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.

Synopsis :

The remote Gentoo host is missing one or more security-related

Description :

The remote host is affected by the vulnerability described in GLSA-200604-12
(Mozilla Firefox: Multiple vulnerabilities)

Several vulnerabilities were found in Mozilla Firefox. Versions
1.0.8 and were released to fix them.

Impact :

A remote attacker could craft malicious web pages that would
leverage these issues to inject and execute arbitrary script code with
elevated privileges, steal local files, cookies or other information
from web pages, and spoof content. Some of these vulnerabilities might
even be exploited to execute arbitrary code with the rights of the
browser user.

Workaround :

There are no known workarounds for all the issues at this time.

See also :

Solution :

All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-1.0.8'
All Mozilla Firefox binary users should upgrade to the latest
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/mozilla-firefox-bin-1.0.8'

Risk factor :

Critical / CVSS Base Score : 10.0

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now