You are here

V-214: Mozilla Firefox Multiple Vulnerabilities

August 8, 2013 - 2:16am

Addthis

PROBLEM:

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

PLATFORM:

Mozilla Firefox 22.x

ABSTRACT:

The vulnerabilities are reported in versions prior to 23.0.

REFERENCE LINKS:

Secunia Advisory SA54418
 CVE-2013-1701
CVE-2013-1702
CVE-2013-1704
CVE-2013-1705
CVE-2013-1706
CVE-2013-1707
CVE-2013-1709
CVE-2013-1710
CVE-2013-1711
CVE-2013-1713
CVE-2013-1714
CVE-2013-1717

IMPACT ASSESSMENT:

High

DISCUSSION:

Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

IMPACT:

Security Bypass, Spoofing, Exposure of sensitive information, Privilege escalation, System access
 

SOLUTION:

Upgrade to version 23.0

 

Addthis