The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2185-1 advisory.

    Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, John     Schoenick, Karl Tomlinson, Vladimir Vukicevic and Christian Holler discovered multiple memory safety     issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could     potentially exploit these to cause a denial of service via application crash, or execute arbitrary code     with the privileges of the user invoking Firefox. (CVE-2014-1518, CVE-2014-1519)

    An out of bounds read was discovered in Web Audio. An attacker could potentially exploit this cause a     denial of service via application crash or execute arbitrary code with the privileges of the user invoking     Firefox. (CVE-2014-1522)

    Abhishek Arya discovered an out of bounds read when decoding JPG images. An attacker could potentially     exploit this to cause a denial of service via application crash. (CVE-2014-1523)

    Abhishek Arya discovered a buffer overflow when a script uses a non-XBL object as an XBL object. An     attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking     Firefox. (CVE-2014-1524)

    Abhishek Arya discovered a use-after-free in the Text Track Manager when processing HTML video. An     attacker could potentially exploit this to cause a denial of service via application crash or execute     arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1525)

    Jukka Jylnki discovered an out-of-bounds write in Cairo when working with canvas in some circumstances.
    An attacker could potentially exploit this to cause a denial of service via application crash or execute     arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1528)

    Mariusz Mlynski discovered that sites with notification permissions can run script in a privileged context     in some circumstances. An attacker could exploit this to execute arbitrary code with the privileges of the     user invoking Firefox. (CVE-2014-1529)

    It was discovered that browser history navigations could be used to load a site with the addressbar     displaying the wrong address. An attacker could potentially exploit this to conduct cross-site scripting     or phishing attacks. (CVE-2014-1530)

    A use-after-free was discovered when resizing images in some circumstances. An attacker could potentially     exploit this to cause a denial of service via application crash or execute arbitrary code with the     privileges of the user invoking Firefox. (CVE-2014-1531)

    Christian Heimes discovered that NSS did not handle IDNA domain prefixes correctly for wildcard     certificates. An attacker could potentially exploit this by using a specially crafted certificate to     conduct a machine-in-the-middle attack. (CVE-2014-1492)

    Tyson Smith and Jesse Schwartzentruber discovered a use-after-free during host resolution in some     circumstances. An attacker could potentially exploit this to cause a denial of service via application     crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1532)

    Boris Zbarsky discovered that the debugger bypassed XrayWrappers for some objects. If a user were tricked     in to opening a specially crafted website whilst using the debugger, an attacker could potentially exploit     this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2014-1526)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2185-1)

critical Nessus Plugin ID 73786

Version 1.20