Firefox 3.6.7 Remote Code Execution Vulnerability

High Log Correlation Engine Plugin ID 800734

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Firefox 3.6.7 is potentially affected by a memory corruption vulnerability that could lead to arbitrary cod execution.

Solution

Upgrade to Mozilla Firefox 3.6.8 or later.

See Also

http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.8

http://www.mozilla.org/security/announce/2010/mfsa2010-48.html

Plugin Details

Severity: High

ID: 800734

File Name: 800734.prm

Family: Web Clients

Published: 2010/07/26

Nessus ID: 47829

Risk Information

Risk Factor: High

CVSSv2

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2010/07/23

Vulnerability Publication Date: 2010/07/20

Reference Information

CVE: CVE-2010-2755

BID: 41933