SynopsisThe remote Mac OS X host contains a web browser that is potentially affected by multiple vulnerabilities.
DescriptionThe installed version of Firefox 3.6 is earlier than 3.6.24. Such versions are potentially affected by the following security issues :
- There is an error within the JSSubScriptLoader that incorrectly unwraps 'XPCNativeWrappers'. By tricking a user into installing a malicious plug-in, an attacker could exploit this issue to execute arbitrary code.
- Certain invalid sequences are not handled properly in 'Shift-JIS' encoding, which can allow cross-site scripting attacks. (CVE-2011-3648)
SolutionUpgrade to Firefox 3.6.24 or later.