Mozilla Firefox 3.6.x < 3.6.4 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5580
The remote host has a web browser installed that is vulnerable to multiple attack vectors.
Versions of Firefox 3.6.x prior to 3.6.4 are potentially affected by multiple vulnerabilities : - Multiple crashes can result in code execution. (MFSA 2010-26) - Freed object reuse across plugin instances. (MFSA 2010-28) - A heap buffer overflow in 'nsGenericDOMDataNode::SetTextInternal'. (MFSA 2010-29) - An integer overflow in XSLT node sorting. (MFSA 2010-30) - The 'focus()' behavior can be used to inject or steal keystrokes. (MFSA 2010-31) - The 'Content-Disposition: attachment' HTTP header is ignored when 'Content-Type: multipart' is also present. (MFSA 2010-32) - It is possible to reverse engineer the value used to seed 'Math.random()'. (MFSA 2008-33)