Firefox < 45 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a web browser that is affected by
multiple vulnerabilities.

Description :

The version of Firefox installed on the remote Windows host is prior
to 45. It is, therefore, affected by multiple vulnerabilities, the
majority of which are remote code execution vulnerabilities. An
unauthenticated, remote attacker can exploit these issues by
convincing a user to visit a specially crafted website, resulting in
the execution of arbitrary code in the context of the current user.

See also :

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/

Solution :

Upgrade to Firefox version 45 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true