|
Test ID: | 1.3.6.1.4.1.25623.1.0.814416 |
Category: | General |
Title: | Mozilla Firefox ESR Security Updates(mfsa_2018-24_2018-24)-Windows |
Summary: | This host is installed with; Mozilla Firefox ESR and is prone to multiple vulnerabilities. |
Description: | Summary: This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exists due to, - Poor event handling in nested loops while opening a document through script. - A WebExtension can bypass domain restrictions through domain fronting. - A WebExtension can run content scripts in disallowed contexts following navigation or other events. - A WebExtension can request access to local files without the warning prompt. - Memory safety bugs. Vulnerability Impact: Successful exploitation will allow attackers to run arbitrary code, denial of service and cause denial of service. Affected Software/OS: Mozilla Firefox ESR version before 60.3 on Windows. Solution: Upgrade to Mozilla Firefox ESR version 60.3 or later. For updates refer to Reference links. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-12392 Common Vulnerability Exposure (CVE) ID: CVE-2018-12395 Common Vulnerability Exposure (CVE) ID: CVE-2018-12396 Common Vulnerability Exposure (CVE) ID: CVE-2018-12397 Common Vulnerability Exposure (CVE) ID: CVE-2018-12389 Common Vulnerability Exposure (CVE) ID: CVE-2018-12390 |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|