Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities

critical Nessus Plugin ID 66992

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Windows host contains a web browser that is potentially affected by multiple vulnerabilities.

Description

The installed version of Firefox ESR 17.x is earlier than 17.0.7, and is, therefore, potentially affected by the following vulnerabilities :

 - Various, unspecified memory safety issues exist.
 (CVE-2013-1682)

 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable', 'nsIDocument::GetRootElement' and 'mozilla::ResetDir'.
 (CVE-2013-1684, CVE-2013-1685, CVE-2013-1686)

 - An error exists related to 'XBL scope', 'System Only Wrappers' (SOW) and chrome-privileged pages that could allow cross-site scripting attacks. (CVE-2013-1687)

 - An error related to 'onreadystatechange' and unmapped memory could cause application crashes and allow arbitrary code execution. (CVE-2013-1690)

 - The application sends data in the body of XMLHttpRequest (XHR) HEAD requests and could aid in cross-site request forgery attacks. (CVE-2013-1692)

 - An error related to the processing of SVG content could allow a timing attack to disclose information across domains. (CVE-2013-1693)

 - An error exists related to 'PreserveWrapper' and the 'preserved-wrapper' flag that could cause potentially exploitable application crashes. (CVE-2013-1694)

 - An error exists related to the 'toString' and 'valueOf' methods that could allow 'XrayWrappers' to be bypassed.
 (CVE-2013-1697)

Solution

Upgrade to Firefox 17.0.7 ESR or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2013-49/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-50/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-51/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-53/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-54/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-55/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-56/

https://www.mozilla.org/en-US/security/advisories/mfsa2013-59/

Plugin Details

Severity: Critical

ID: 66992

File Name: mozilla_firefox_1707_esr.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 6/26/2013

Updated: 11/27/2019

Dependencies: mozilla_org_installed.nasl

Risk Information

CVSS Score Source: CVE-2013-1686

VPR

Risk Factor: Critical

Score: 9.6

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox_esr

Required KB Items: Mozilla/Firefox/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/25/2013

Vulnerability Publication Date: 6/25/2013

Exploitable With

Metasploit (Firefox onreadystatechange Event DocumentViewerImpl Use After Free)

Reference Information

CVE: CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1690, CVE-2013-1692, CVE-2013-1693, CVE-2013-1694, CVE-2013-1697

BID: 60765, 60766, 60773, 60774, 60776, 60777, 60778, 60783, 60784, 60787

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990