Firefox 3.5.x < 3.5.2 Multiple Vulnerabilities
High Nessus Plugin ID 40479
Synopsis
The remote Windows host contains a web browser that is affected by multiple vulnerabilities.
Description
The installed version of Firefox 3.5 is earlier than 3.5.2. Such versions are potentially affected by the following security issues :
- A SOCKS5 proxy that replies with a hostname containing more than 15 characters can corrupt the subsequent data stream. This can lead to a denial of service, though there is reportedly no memory corruption.
(MFSA 2009-38)
- The location bar and SSL indicators can be spoofed by calling window.open() on an invalid URL. A remote attacker could use this to perform a phishing attack.
(MFSA 2009-44)
- Unspecified JavaScript-related vulnerabilities can lead to memory corruption, and possibly arbitrary execution of code. (MFSA 2009-45, MFSA 2009-47)
- If an add-on has a 'Link:' HTTP header when it is installed, the window's global object receives an incorrect security wrapper, which could lead to arbitrary JavaScript being executed with chrome privileges. (MFSA 2009-46)
Solution
Upgrade to Firefox 3.5.2 or later.