Mozilla Firefox < 1.0.2 Multiple Vulnerabilities
Medium Log Correlation Engine Plugin ID 801335
SynopsisThe remote host is missing a critical security patch or upgrade.
DescriptionThe remote host is using Firefox. The remote version of this software contains multiple security flaws that can be exploited by a malicious website. An attacker exploiting one of these flaws would need to be able to either convince a remote user to visit a malicious website or convince the remote user to open an HTML email and save an attachment.
In addition, this version is vulnerable to a remote flaw that could result in arbitrary code execution. Specifically, if a malicious web page is bookmarked as a sidebar panel, the malicious page may open and inject code into privileged pages. An attacker exploiting this flaw would need to be able to convince a user to both visit and bookmark their malicious web page.
SolutionUpgrade to version 1.0.2 or higher.