Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Firefox < 3.5.2/3.0.12 Multiple Vulnerabilities

Medium

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The installed version of Mozilla Firefox is earlier than 3.5.2/3.0.12. Such versions are potentially affected by multiple issues :

- A denial-of-service vulnerability when Firefox receives a reply from a SOCKS5 proxy which contains a DNS name longer than 15 characters. (CVE-2009-2470) - Multiple flaws exist in the 'libvorbis' library could lead to remote code execution. (CVE-2009-2663)

Solution

Upgrade to Mozilla Firefox 3.5.2/3.0.12 or later.