Firefox ESR < 38.6 Multiple Vulnerabilities
Critical Nessus Plugin ID 88460
SynopsisThe remote Windows host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Firefox ESR installed on the remote Windows host is prior to 38.6. It is, therefore, affected by the following vulnerabilities :
- Multiple unspecified memory corruption issues exist that allow a remote attacker to execute arbitrary code.
- A buffer overflow condition exists in WebGL that is triggered when handling cache out-of-memory error conditions. A remote attacker can exploit this to execute arbitrary code. (CVE-2016-1935)
SolutionUpgrade to Firefox ESR version 38.6 or later.