Firefox < 37.0.2 Failed Plugin Memory Corruption
High Nessus Plugin ID 82998
SynopsisThe remote Windows host contains a web browser that is affected by a memory corruption vulnerability.
DescriptionThe version of Firefox installed on the remote Windows host is prior to 37.0.2. It is, therefore, affected by a use-after-free error, related to the AsyncPaintWaitEvent() method, due to a race condition caused when plugin initialization fails. A remote attacker, using a crafted web page, can exploit this to execute arbitrary code.
SolutionUpgrade to Firefox 37.0.2 or later.