Test ID:	1.3.6.1.4.1.25623.1.2.1.2012.66
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2012-66) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: HTTPMonitor extension allows for remote debugging without explicit activation Mozilla security researcher Mark Goodwin discovered an issue with the Firefox developer tools' debugger. If remote debugging is disabled, but the experimental HTTPMonitor extension has been installed and enabled, a remote user can connect to and use the remote debugging service through the port used by HTTPMonitor. A remote-enabled flag has been added to resolve this problem and close the port unless debugging is explicitly enabled. Affected Software/OS: Firefox version(s) below 15. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3973 BugTraq ID: 55308 http://www.securityfocus.com/bid/55308 http://osvdb.org/85005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17039 SuSE Security Announcement: SUSE-SU-2012:1157 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html SuSE Security Announcement: SUSE-SU-2012:1167 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html SuSE Security Announcement: openSUSE-SU-2012:1065 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html http://www.ubuntu.com/usn/USN-1548-1 http://www.ubuntu.com/usn/USN-1548-2
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.