This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592,
A flaw was found in the Alarm API, which could allow applications to
schedule actions to be run in the future. A malicious web application
could use this flaw to bypass the same-origin policy. (CVE-2014-1594)
This update disables SSL 3.0 support by default in Firefox. Details on
how to re-enable SSL 3.0 support are available at :
After installing the update, Firefox must be restarted for the changes
to take effect.
See also :
Update the affected firefox and / or firefox-debuginfo packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 79712 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now