Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64
High Nessus Plugin ID 78848
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577)
A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions.
After installing the update, Firefox must be restarted for the changes to take effect.
SolutionUpdate the affected packages.