Mozilla Firefox < 52.01 RCE
Medium Nessus Network Monitor Plugin ID 700012
SynopsisThe remote host has a web browser installed that is vulnerable to a Remote Code Execution (RCE) attack vector.
DescriptionVersions of Mozilla Firefox prior to 52.01 are unpatched for an integer overflow condition in the 'nsGlobalWindow::CreateImageBitmap()' function in 'dom/base/nsGlobalWindow.cpp' that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to corrupt memory and execute arbitrary code.
SolutionUpgrade to Firefox version 52.01 or later.