Mozilla Browser < 1.7.10 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 801257

Synopsis

The remote host is vulnerable to a multiple attack vectors.

Description

The remote host is using Mozilla. The remote version of this software contains various security issues that may allow an attacker to execute arbitrary code on the remote host.

Solution

Upgrade to version 1.7.10 or higher.

See Also

http://.mozilla.org/security/announce/2005/mfsa2005-45.html

http://.mozilla.org/security/announce/2005/mfsa2005-46.html

http://.mozilla.org/security/announce/2005/mfsa2005-48.html

http://.mozilla.org/security/announce/2005/mfsa2005-50.html

http://.mozilla.org/security/announce/2005/mfsa2005-51.html

http://.mozilla.org/security/announce/2005/mfsa2005-52.html

http://.mozilla.org/security/announce/2005/mfsa2005-54.html

http://.mozilla.org/security/announce/2005/mfsa2005-55.html

http://.mozilla.org/security/announce/2005/mfsa2005-56.html

Plugin Details

Severity: High

ID: 801257

Family: Web Clients

Nessus ID: 18813

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Exploitable With

Metasploit (Mozilla Suite/Firefox InstallVersion compareTo() Code Execution)

Reference Information

CVE: CVE-2005-1937, CVE-2004-0597, CVE-2004-0599, CVE-2004-0722, CVE-2004-0757, CVE-2004-0758, CVE-2004-0759, CVE-2004-0760, CVE-2004-0761, CVE-2004-0762, CVE-2004-0763, CVE-2004-0764, CVE-2005-0399, CVE-2005-0989, CVE-2005-1153, CVE-2005-1154, CVE-2005-1155, CVE-2005-1156, CVE-2005-1157, CVE-2005-1159, CVE-2005-1476, CVE-2005-1477, CVE-2005-1531, CVE-2005-1532, CVE-2005-2262, CVE-2005-2264, CVE-2005-2267, CVE-2005-2701, CVE-2005-2702, CVE-2005-2703, CVE-2005-2704, CVE-2005-2705, CVE-2005-2706, CVE-2005-2707, CVE-2005-2968, CVE-2005-2260, CVE-2005-2261, CVE-2005-2263, CVE-2005-2265, CVE-2005-2268, CVE-2005-2269, CVE-2005-2270, CVE-2005-1160, CVE-2005-2266, CVE-2004-0718

BID: 13233, 15495, 14242, 14008