Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Firefox < 29.0 / Firefox ESR < 24.5 Multiple Vulnerabilities

High

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Mozilla Firefox earlier than 29.0 (or ESR version 24.5) are unpatched against the following vulnerabilities :

- Use-after-free vulnerabilities in nsHostResolver, imgLoader, and Text Track Manager (for HTML video), which can crash with a potentially exploitable condition (CVE-2014-1532, CVE-2014-1531, CVE-2014-1525) - A potentially exploitable out-of-bounds write in Cairo, a potentially exploitable out-of-bounds read issue with Web Audio, and a non-exploitable out-of-bounds read when decoding JPG images (CVE-2014-1528, CVE-2014-1522, CVE-2014-1523) - Improper wildcard matching of domains in the Network Security Services (NSS library), which has since been fixed by updating to version 3.16 (CVE-2014-1492) - Potential privilege escalation via Xray Wrappers bypass, which can occur if a user used the debugger to interact with a malicious page (CVE-2014-1526) - Privilege escalation for scripts when sites that have been granted notification permissions by a user can bypass security checks on source components for the Web Notification API (CVE-2014-1529) - Privilege escalation via the Mozilla Maintenance Service Installer, which writes to a globally writeable temporary directory during the update process (Windows only) (CVE-2014-1520) - A potentially exploitable buffer overflow when a script uses a non-XBL object as an XBL object (CVE-2014-1524) - A cross-site scripting vulnerability using browser navigations through history to load a website with the page's base URI pointing to a different site (CVE-2014-1530) - Various memory safety hazards (CVE-2014-1518, CVE-2014-1519)

Solution

Upgrade to Firefox 29.0 (or Firefox ESR versions 24.5, as appropriate), or later.