The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:0527 advisory.

  - Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125)

  - Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07) (CVE-2018-5127)

  - Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07) (CVE-2018-5129)

  - Mozilla: Mismatched RTP payload type can trigger memory corruption (MFSA 2018-07) (CVE-2018-5130)

  - Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources (MFSA 2018-07)     (CVE-2018-5131)

  - Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07) (CVE-2018-5144)

  - Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 7 : firefox (RHSA-2018:0527)

critical Nessus Plugin ID 108397

Version 1.12

Version 1.11

Version 1.12 Jan 30, 2025, 8:02 AM Exploit attributes ("Exploit available" set to "False") Exploit attributes ("Exploitability ease" set to "No known exploits are available") Plugin Feed: 202501300802
Version 1.11 Apr 28, 2024, 2:25 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") CVSSv2 score source (set to "CVE-2018-5145") Detection (updated detection logic) Plugin metadata Reference Plugin Feed: 202404281425