Test ID:	1.3.6.1.4.1.25623.1.2.1.2013.75
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2013-75) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Local Java applets may read contents of local file system Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using the a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on the local file system. Mozilla developer John Schoenick later discovered that fixes for this issue were inadequate and allowed the invocation of Java applets to bypass security checks in additional circumstances. This could lead to untrusted Java applets having read-only access on the local files system if used in conjunction with a method to download a file to a known or guessable path. Affected Software/OS: Firefox version(s) below 23. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 5.4 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1717 BugTraq ID: 61896 http://www.securityfocus.com/bid/61896 Debian Security Information: DSA-2735 (Google Search) http://www.debian.org/security/2013/dsa-2735 Debian Security Information: DSA-2746 (Google Search) http://www.debian.org/security/2013/dsa-2746 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18367
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.