Mozilla Firefox 3.6.x < 3.6.3 RCE
Medium Nessus Network Monitor Plugin ID 5502
SynopsisThe remote host has a web browser installed that is vulnerable to a remote code execution attack.
DescriptionThe remote host is running a version of Mozilla Firefox 3.6.x prior to 3.6.3. Such versions are potentially affected by a memory corruption flaw caused by the re-use of a freed object when moving DOM nodes between documents. A remote attacker, exploiting this flaw, could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
SolutionUpgrade to Firefox 3.6.3 or later.