Test ID:	1.3.6.1.4.1.25623.1.2.1.2013.07
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2013-07) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Crash due to handling of SSL on threads Mozilla community member Jerry Baker reported a crashing issue found through Thunderbird when downloading messages over a Secure Sockets Layer (SSL) connection. This was caused by a bug in the networking code assuming that secure connections were entirely handled on the socket transport thread when they can occur on a variety of threads. The resulting crash was potentially exploitable. Affected Software/OS: Firefox version(s) below 18. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0764 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16715 SuSE Security Announcement: SUSE-SU-2013:0048 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html SuSE Security Announcement: SUSE-SU-2013:0049 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html SuSE Security Announcement: openSUSE-SU-2013:0131 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html SuSE Security Announcement: openSUSE-SU-2013:0149 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://www.ubuntu.com/usn/USN-1681-1 http://www.ubuntu.com/usn/USN-1681-2 http://www.ubuntu.com/usn/USN-1681-4
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.