Firefox < 22.0 Multiple Vulnerabilities

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a web browser that is potentially
affected by multiple vulnerabilities.

Description :

The installed version of Firefox is earlier than 22.0 and is,
therefore, potentially affected by the following vulnerabilities :

- Various, unspecified memory safety issues exist.
(CVE-2013-1682, CVE-2013-1683)

- Heap-use-after-free errors exist related to
'LookupMediaElementURITable',
'nsIDocument::GetRootElement' and 'mozilla::ResetDir'.
(CVE-2013-1684, CVE-2013-1685, CVE-2013-1686)

- An error exists related to 'XBL scope', 'System Only
Wrappers' (SOW) and chrome-privileged pages that could
allow cross-site scripting attacks. (CVE-2013-1687)

- An error exists related to the 'profiler' that could
allow arbitrary code execution. (CVE-2013-1688)

- An error related to 'onreadystatechange' and unmapped
memory could cause application crashes and allow
arbitrary code execution. (CVE-2013-1690)

- The application sends data in the body of XMLHttpRequest
(XHR) HEAD requests and could aid in cross-site request
forgery attacks. (CVE-2013-1692)

- An error related to the processing of SVG content could
allow a timing attack to disclose information across
domains. (CVE-2013-1693)

- An error exists related to 'PreserveWrapper' and the
'preserved-wrapper' flag that could cause potentially
exploitable application crashes. (CVE-2013-1694)

- An error exists related to '<iframe sandbox>'
restrictions that could allow a bypass of these
restrictions. (CVE-2013-1695)

- The 'X-Frame-Options' header is ignored in certain
situations and can aid in click-jacking attacks.
(CVE-2013-1696)

- An error exists related to the 'toString' and 'valueOf'
methods that could allow 'XrayWrappers' to be bypassed.
(CVE-2013-1697)

- An error exists related to the 'getUserMedia'
permission dialog that could allow a user to be tricked
into giving access to unintended domains.
(CVE-2013-1698)

- Homograph domain spoofing protection is incomplete and
certain attacks are still possible using
Internationalized Domain Names (IDN). (CVE-2013-1699)

- An error exists related to the 'Mozilla Maintenance
Service' on Windows that could allow insecure updates.
(CVE-2013-1700)

See also :

https://www.mozilla.org/en-US/security/advisories/mfsa2013-49/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-50/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-51/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-52/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-53/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-54/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-55/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-56/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-57/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-58/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-59/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-60/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-61/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-62/

Solution :

Upgrade to Firefox 22.0 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true