Test ID:	1.3.6.1.4.1.25623.1.2.1.2015.24
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2015-24) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Reading of local files through manipulation of form autocomplete Security researcher Armin Razmdjou reported that a user readable file in a known local path could be uploaded to a malicious site. This was done by manipulating the autocomplete feature in a form and user interaction with it. While the local file is not visibly uploaded through the form, its contents are made available through the Document Object Model (DOM) to script content on the attacking page, leading to information disclosure. Affected Software/OS: Firefox version(s) below 36. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0822 BugTraq ID: 72756 http://www.securityfocus.com/bid/72756 Debian Security Information: DSA-3174 (Google Search) http://www.debian.org/security/2015/dsa-3174 Debian Security Information: DSA-3179 (Google Search) http://www.debian.org/security/2015/dsa-3179 https://security.gentoo.org/glsa/201504-01 RedHat Security Advisories: RHSA-2015:0265 http://rhn.redhat.com/errata/RHSA-2015-0265.html RedHat Security Advisories: RHSA-2015:0266 http://rhn.redhat.com/errata/RHSA-2015-0266.html RedHat Security Advisories: RHSA-2015:0642 http://rhn.redhat.com/errata/RHSA-2015-0642.html http://www.securitytracker.com/id/1031791 http://www.securitytracker.com/id/1031792 SuSE Security Announcement: SUSE-SU-2015:0412 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html SuSE Security Announcement: SUSE-SU-2015:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00006.html SuSE Security Announcement: SUSE-SU-2015:0447 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:0404 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0448 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00008.html SuSE Security Announcement: openSUSE-SU-2015:0567 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html SuSE Security Announcement: openSUSE-SU-2015:0570 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-03/msg00067.html SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2505-1 http://www.ubuntu.com/usn/USN-2506-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.