Mozilla Firefox < 33.0 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 8553

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

Versions of Mozilla Firefox earlier than 33.0 are unpatched for the following vulnerabilities:

- A buffer overflow vulnerability exists when capitalization style changes occur during CSS parsing. (CVE-2014-1576)
- An out-of-bounds read error in the Web Audio component when invalid values are used in custom waveforms can lead to denial of service or information disclosure. (CVE-2014-1577)
- An out-of-bounds write error when processing invalid tile sizes in 'WebM' format videos can be leveraged for arbitrary code execution. (CVE-2014-1578)
- Memory is not properly initialized during GIF rendering within a '<canvas>' element, which can be leveraged via a specially crafted web script to acquire sensitive information from the process memory. (CVE-2014-1580)
- A use-after-free error in the 'DirectionalityUtils' component when text direction is used in the text layout can be leveraged for arbitrary code execution. (CVE-2014-1581)
- Multiple security bypass vulnerabilities exist in the implementation of Public Key Pinning (PKP); one issue can be triggered via SPDY's or HTTP/2's connection-coalescing property in the case of a shared IP address, and another issue is exposed by an unspecified issuer-verification error. Both scenarios can be leveraged for man-in-the-middle attacks. Note that key pinning was introduced in Firefox 32. (CVE-2014-1582, CVE-2014-1584)
- A cross-origin policy bypass exists that could allow a malicious app to use 'AlarmAPI' to read cross-origin references and possibly perform unauthorized actions through the victim user's session. (CVE-2014-1583)
- Multiple issues exist in WebRTC when the session is running within an 'iframe' element; they allow the session to remain accessible even when sharing is stopped and when returning to the website. This could result in the video inadvertently being shared. (CVE-2014-1585, CVE-2014-1586)
- Multiple memory safety flaws exist within the browser engine, which can likely be leveraged for denial of service or arbitrary code execution. (CVE-2014-1574, CVE-2014-1575)

Solution

Upgrade to Firefox 33.0 or later.

See Also

https://www.mozilla.org/security/announce/2014/mfsa2014-74.html

https://www.mozilla.org/security/announce/2014/mfsa2014-75.html

https://www.mozilla.org/security/announce/2014/mfsa2014-76.html

https://www.mozilla.org/security/announce/2014/mfsa2014-77.html

https://www.mozilla.org/security/announce/2014/mfsa2014-78.html

https://www.mozilla.org/security/announce/2014/mfsa2014-79.html

https://www.mozilla.org/security/announce/2014/mfsa2014-80.html

https://www.mozilla.org/security/announce/2014/mfsa2014-81.html

https://www.mozilla.org/security/announce/2014/mfsa2014-82.html

Plugin Details

Severity: High

ID: 8553

Family: Web Clients

Published: 10/17/2014

Updated: 11/6/2019

Nessus ID: 78473

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Patch Publication Date: 10/14/2014

Vulnerability Publication Date: 10/14/2014

Reference Information

CVE: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1580, CVE-2014-1581, CVE-2014-1582, CVE-2014-1583, CVE-2014-1584, CVE-2014-1585, CVE-2014-1586

BID: 70424, 70425, 70426, 70427, 70428, 70430, 70436, 70439, 70440, 70431, 70432, 70434