Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.804089
Category:General
Title:Mozilla Firefox Multiple Vulnerabilities-01 Feb14 (Mac OS X)
Summary:This host is installed with Mozilla Firefox and is prone to multiple;vulnerabilities.
Description:Summary:
This host is installed with Mozilla Firefox and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error when handling XML Binding Language (XBL) content scopes.

- An error when handling discarded images within the 'RasterImage' class.

- An error related to the 'document.caretPositionFromPoint()' and
'document.elementFromPoint()' functions.

- An error when handling XSLT stylesheets.

- A use-after-free error related to certain content types when used with the
'imgRequestProxy()' function.

- An error when handling web workers error messages.

- An error when terminating a web worker running asm.js code after passing an
object between threads.

- A race condition error when handling session tickets within libssl.

- An error when handling JavaScript native getters on window objects.

- Additionally, a weakness exists when handling the dialog for saving downloaded
files.

Vulnerability Impact:
Successful exploitation will allow attackers to bypass certain security
restrictions and compromise a user's system.

Affected Software/OS:
Mozilla Firefox version before 27.0 on Mac OS X

Solution:
Upgrade to Mozilla Firefox version 27.0 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-1477
BugTraq ID: 65317
http://www.securityfocus.com/bid/65317
Debian Security Information: DSA-2858 (Google Search)
http://www.debian.org/security/2014/dsa-2858
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html
https://security.gentoo.org/glsa/201504-01
http://osvdb.org/102864
RedHat Security Advisories: RHSA-2014:0132
http://rhn.redhat.com/errata/RHSA-2014-0132.html
RedHat Security Advisories: RHSA-2014:0133
http://rhn.redhat.com/errata/RHSA-2014-0133.html
http://www.securitytracker.com/id/1029717
http://www.securitytracker.com/id/1029720
http://www.securitytracker.com/id/1029721
http://secunia.com/advisories/56706
http://secunia.com/advisories/56761
http://secunia.com/advisories/56763
http://secunia.com/advisories/56767
http://secunia.com/advisories/56787
http://secunia.com/advisories/56858
http://secunia.com/advisories/56888
SuSE Security Announcement: SUSE-SU-2014:0248 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html
SuSE Security Announcement: openSUSE-SU-2014:0212 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html
SuSE Security Announcement: openSUSE-SU-2014:0213 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html
SuSE Security Announcement: openSUSE-SU-2014:0419 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html
http://www.ubuntu.com/usn/USN-2102-1
http://www.ubuntu.com/usn/USN-2102-2
http://www.ubuntu.com/usn/USN-2119-1
XForce ISS Database: firefox-cve20141477-code-exec(90899)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90899
Common Vulnerability Exposure (CVE) ID: CVE-2014-1478
BugTraq ID: 65324
http://www.securityfocus.com/bid/65324
http://osvdb.org/102865
http://secunia.com/advisories/56922
XForce ISS Database: firefox-cve20141478-code-exec(90900)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90900
Common Vulnerability Exposure (CVE) ID: CVE-2014-1479
BugTraq ID: 65320
http://www.securityfocus.com/bid/65320
http://osvdb.org/102866
XForce ISS Database: firefox-cve20141479-sec-bypass(90898)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90898
Common Vulnerability Exposure (CVE) ID: CVE-2014-1480
BugTraq ID: 65331
http://www.securityfocus.com/bid/65331
http://osvdb.org/102867
XForce ISS Database: firefox-cve20141480-spoofing(90897)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90897
Common Vulnerability Exposure (CVE) ID: CVE-2014-1481
BugTraq ID: 65326
http://www.securityfocus.com/bid/65326
http://osvdb.org/102863
XForce ISS Database: firefox-cve20141481-sec-bypass(90883)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90883
Common Vulnerability Exposure (CVE) ID: CVE-2014-1482
BugTraq ID: 65328
http://www.securityfocus.com/bid/65328
http://osvdb.org/102868
XForce ISS Database: firefox-cve20141482-code-exec(90894)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90894
Common Vulnerability Exposure (CVE) ID: CVE-2014-1483
BugTraq ID: 65316
http://www.securityfocus.com/bid/65316
http://osvdb.org/102869
XForce ISS Database: firefox-cve20141483-info-disc(90893)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90893
Common Vulnerability Exposure (CVE) ID: CVE-2014-1485
BugTraq ID: 65322
http://www.securityfocus.com/bid/65322
http://osvdb.org/102871
XForce ISS Database: firefox-xslt-cve20141485xss(90891)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90891
Common Vulnerability Exposure (CVE) ID: CVE-2014-1486
BugTraq ID: 65334
http://www.securityfocus.com/bid/65334
http://osvdb.org/102872
XForce ISS Database: firefox-cve20141486-code-exec(90890)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90890
Common Vulnerability Exposure (CVE) ID: CVE-2014-1487
BugTraq ID: 65330
http://www.securityfocus.com/bid/65330
http://osvdb.org/102873
XForce ISS Database: mozilla-cve20141487-info-disc(90889)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90889
Common Vulnerability Exposure (CVE) ID: CVE-2014-1488
BugTraq ID: 65321
http://www.securityfocus.com/bid/65321
http://osvdb.org/102875
XForce ISS Database: firefox-cve20141488-dos(90887)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90887
Common Vulnerability Exposure (CVE) ID: CVE-2014-1489
BugTraq ID: 65329
http://www.securityfocus.com/bid/65329
http://osvdb.org/102874
XForce ISS Database: firefox-cve20141489-sec-bypass(90888)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90888
Common Vulnerability Exposure (CVE) ID: CVE-2014-1490
BugTraq ID: 65335
http://www.securityfocus.com/bid/65335
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://seclists.org/fulldisclosure/2014/Dec/23
http://osvdb.org/102876
XForce ISS Database: mozilla-nss-cve20141490-code-exec(90885)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90885
Common Vulnerability Exposure (CVE) ID: CVE-2014-1491
BugTraq ID: 65332
http://www.securityfocus.com/bid/65332
Debian Security Information: DSA-2994 (Google Search)
http://www.debian.org/security/2014/dsa-2994
XForce ISS Database: firefox-nss-cve20141491-unspecified(90886)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90886
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.