Firefox < 29.0 Multiple Vulnerabilities

High Nessus Plugin ID 73769

Synopsis

The remote Windows host contains a web browser that is potentially affected by multiple vulnerabilities.

Description

The installed version of Firefox is a version prior to 29.0 and is, therefore, potentially affected by the following vulnerabilities :

- An issue exists in the Network Security (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in- the-middle attacks. (CVE-2014-1492)

- Memory issues exist that could lead to arbitrary code execution. (CVE-2014-1518, CVE-2014-1519)

- An issue exists related to the 'Mozilla Maintenance Service' that could lead to privilege escalation due to the creation of a writeable temporary directory during the update process. (CVE-2014-1520)

- An out-of-bounds read issue exists in the Web Audio feature that could lead to information disclosure.
(CVE-2014-1522)

- An out-of-bounds read issue exists when decoding certain JPG images that could lead to a denial of service. (CVE-2014-1523)

- A memory corruption issue exists due to improper validation of XBL objects that could lead to arbitrary code execution. (CVE-2014-1524)

- A use-after-free memory issue exists in the Text Track Manager during HTML video processing that could lead to arbitrary code execution. (CVE-2014-1525)

- An issue exists related to the debugger bypassing XrayWrappers that could lead to privilege escalation.
(CVE-2014-1526)

- An out-of-bounds write issue exists in the Cairo graphics library that could lead to arbitrary code execution. Note that this issue only affects Firefox 28 and SeaMonkey 2.25. (CVE-2014-1528)

- A security bypass issue exists in the Web Notification API that could lead to arbitrary code execution.
(CVE-2014-1529)

- A cross-site scripting issue exists that could allow an attacker to load another website other than the URL for the website that is shown in the address bar.
(CVE-2014-1530)

- A use-after-free issue exists due to an 'imgLoader' object being freed when being resized. This issue could lead to arbitrary code execution. (CVE-2014-1531)

- A use-after-free issue exists during host resolution that could lead to arbitrary code execution.
(CVE-2014-1532)

Solution

Upgrade to Firefox 29.0 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2014-34/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-35/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-36/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-37/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-38/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-39/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-41/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-42/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-43/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-44/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-45/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-46/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-47/

Plugin Details

Severity: High

ID: 73769

File Name: mozilla_firefox_29.nasl

Version: 1.11

Type: local

Agent: windows

Family: Windows

Published: 2014/04/29

Updated: 2018/07/16

Dependencies: 20862

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Required KB Items: Mozilla/Firefox/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/04/29

Vulnerability Publication Date: 2014/03/28

Reference Information

CVE: CVE-2014-1492, CVE-2014-1518, CVE-2014-1519, CVE-2014-1520, CVE-2014-1522, CVE-2014-1523, CVE-2014-1524, CVE-2014-1525, CVE-2014-1526, CVE-2014-1528, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532

BID: 66356, 67123, 67125, 67126, 67127, 67129, 67130, 67131, 67132, 67133, 67134, 67135, 67136, 67137

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990