Detections
Analytics
Firefox < 2.0.0.14 Javascript Garbage Collection DoS
high Log Correlation Engine Plugin ID 800772
Synopsis
The remote Windows host contains a web browser that may allow arbitrary code execution.Description
The installed version of Firefox contains a stability problem that could result in a crash during Javascript garbage collection. Although there are no examples of this extending beyond a crash, similar issues in the past have been shown to allow arbitrary code execution.Solution
Upgrade to version 2.0.0.14 or higher.See Also
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
Plugin Details
Severity: High
ID: 800772
Family: Web Clients
Nessus ID: 31864
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Reference Information
CVE: CVE-2008-1380
BID: 28818