Test ID:	1.3.6.1.4.1.25623.1.2.1.2012.60
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2012-60) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Escalation of privilege through about:newtab Security researcher Mariusz Mlynski reported that when a page opens a new tab, a subsequent window can then be opened that can be navigated to about:newtab, a chrome privileged page. Once about:newtab is loaded, the special context can potentially be used to escalate privilege, allowing for arbitrary code execution on the local system in a maliciously crafted attack. Affected Software/OS: Firefox version(s) below 15. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3965 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16442 SuSE Security Announcement: SUSE-SU-2012:1157 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html SuSE Security Announcement: SUSE-SU-2012:1167 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html SuSE Security Announcement: openSUSE-SU-2012:1065 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://www.ubuntu.com/usn/USN-1548-1 http://www.ubuntu.com/usn/USN-1548-2
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.