Mozilla Firefox < 9.0 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 6109

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Firefox prior to 9.0 are affected by the following security issues :

- An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler. (CVE-2011-3658)
- Various memory safety errors exist that can lead to memory corruption and possible code execution. (CVE-2011-3660)
- An error exists in the 'YARR' regular expression library that can cause application crashers when handling certain JavaScript statements. (CVE-2011-3661)
- It is possible to detect keystrokes using 'SVG' animation 'accesskey' events even when JavaScript is disabled. (CVE-2011-3663)
- An error exists related to plugins that can allow a null pointer to be dereferenced when a plugin deletes its containing DOM frame during a call from that frame. It may be possible for a non-null pointer to be dereferenced thereby opening up the potential for further exploitation. (CVE-2011-3664)
- It is possible to crash the application when OGG 'video' elements are scaled to extreme sizes. (CVE-2011-3665)

Solution

Upgrade to Firefox 9.0 or later.

See Also

http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9

http://www.mozilla.org/security/announce/2011/mfsa2011-53.html

http://www.mozilla.org/security/announce/2011/mfsa2011-54.html

http://www.mozilla.org/security/announce/2011/mfsa2011-55.html

http://www.mozilla.org/security/announce/2011/mfsa2011-56.html

http://www.mozilla.org/security/announce/2011/mfsa2011-57.html

http://www.mozilla.org/security/announce/2011/mfsa2011-58.html

Plugin Details

Severity: High

ID: 6109

File Name: 6109.prm

Family: Web Clients

Published: 2011/12/21

Modified: 2016/06/24

Dependencies: 9131

Nessus ID: 57351, 57359

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Patch Publication Date: 2011/12/20

Vulnerability Publication Date: 2011/12/20

Exploitable With

CANVAS (CANVAS)

Metasploit (Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability)

Reference Information

CVE: CVE-2011-3658, CVE-2011-3660, CVE-2011-3661, CVE-2011-3663, CVE-2011-3664, CVE-2011-3665

BID: 51133, 51134, 51135, 51136, 51137, 51138, 54080