This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.
The remote Windows host contains a web browser that is potentially
affected by multiple vulnerabilities.
The installed version of Firefox ESR 17.x is earlier than 17.0.5, and
thus, is potentially affected by the following vulnerabilities :
- Various memory safety issue exist. (CVE-2013-0788)
- An out-of-bounds memory read error exists related to
'CERT_DecodeCertPackage' and certificate decoding.
- An error exists related to navigation, history and
improper 'baseURI' property values that could allow
cross-site scripting attacks. (CVE-2013-0793)
- A error exists related to 'cloneNode' that can allow
'System Only Wrapper' (SOW) to be bypassed thus
violating the same origin policy and possibly leading
to privilege escalation and code execution.
- A DLL loading vulnerability exists that could lead to
- A buffer overflow error exists related to the Mozilla
Maintenance Service. (CVE-2013-0799)
- An out-of-bounds write error exists related to the
Cairo graphics library. (CVE-2013-0800)
See also :
Upgrade to Firefox 17.0.5 ESR or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Nessus Plugin ID: 65805 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now