Test ID:	1.3.6.1.4.1.25623.1.0.821145
Category:	General
Title:	Mozilla Firefox ESR Security Advisory (MFSA2022-11) - Windows
Summary:	Mozilla Firefox ESR is prone to multiple; vulnerabilities.
Description:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to, - Browser window spoof using fullscreen mode. - iframe allow-scripts sandbox bypass. - Time-of-check time-of-use bug when verifying add-on signatures. - Use-after-free in text reflows. - Temporary files downloaded to /tmp and accessible by other local users. Vulnerability Impact: Successful exploitation will allow attackers to run arbitrary code, bypass security restrictions, conduct spoofing and cause a denial of service on affected system. Affected Software/OS: Mozilla Firefox ESR version before 91.7 on Windows. Solution: Upgrade to Mozilla Firefox ESR version 91.7 or later, Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-26383 https://bugzilla.mozilla.org/show_bug.cgi?id=1742421 https://www.mozilla.org/security/advisories/mfsa2022-10/ https://www.mozilla.org/security/advisories/mfsa2022-11/ https://www.mozilla.org/security/advisories/mfsa2022-12/ Common Vulnerability Exposure (CVE) ID: CVE-2022-26384 https://bugzilla.mozilla.org/show_bug.cgi?id=1744352 Common Vulnerability Exposure (CVE) ID: CVE-2022-26387 https://bugzilla.mozilla.org/show_bug.cgi?id=1752979 Common Vulnerability Exposure (CVE) ID: CVE-2022-26381 https://bugzilla.mozilla.org/show_bug.cgi?id=1736243
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.