This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing a security update.
Several use-after-free flaws were found in Firefox. Visiting a web
page containing malicious content could result in Firefox executing
arbitrary code with the privileges of the user running Firefox.
(CVE-2010-0175, CVE-2010-0176, CVE-2010-0177)
A flaw was found in Firefox that could allow an applet to generate a
drag and drop action from a mouse click. Such an action could be used
running Firefox. (CVE-2010-0178)
A privilege escalation flaw was found in Firefox when the Firebug
add-on is in use. The XMLHttpRequestSpy module in the Firebug add-on
exposes a Chrome privilege escalation flaw that could be used to
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2010-0174)
After installing the update, Firefox must be restarted for the changes
to take effect.
See also :
Update the affected firefox package.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60766 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now