Mozilla Firefox 3.6.x < 3.6.17 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5901
The remote host has a web browser installed that is vulnerable to multiple attack vectors.
Versions of Firefox 3.6.x earlier than 3.6.17 are potentially affected by multiple vulnerabilities : Multiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12) - Multiple dangling pointer vulnerabilities exist. (MFSA2011-13) - A Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history. (MFSA2011-14) - The Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox could be exploited to obtain elevated access to resources on a user's system. (MFSA2011-15) - The 'resource: ' protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. (MFSA2011-16) - The XSLT 'generate-id()' function returned a string that revealed a specific valid address of an object on the memory heap. (MFSA2011-18)