Mozilla Firefox < 1.7 Multiple Remote Overflows

Critical Nessus Network Monitor Plugin ID 1239

Synopsis

The remote browser is vulnerable to multiple overflow flaws.

Description

The remote host is using the Mozilla web browser prior to version 1.7. There are several flaws within this version of Mozilla that include a remote overflow via a spoofed address bar, an overflow in the SSL certificate store, and other serious issues.

Solution

Upgrade to Firefox 1.7 or later.

See Also

http://www.mozilla.org/security

Plugin Details

Severity: Critical

ID: 1239

File Name: 1239.prm

Family: Web Clients

Published: 2004/08/20

Modified: 2016/11/23

Dependencies: 9131

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Reference Information

CVE: CVE-2004-0757

BID: 15495