Firefox < 2.0.0.19 / 3.0.5 Multiple Vulnerabilities

high Nessus Plugin ID 35218

Synopsis

The remote Windows host contains a web browser that is affected by multiple vulnerabilities.

Description

The installed version of Firefox is earlier than 2.0.0.19. Such versions are potentially affected by the following security issues :

- There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2008-60)

- XBL bindings can be used to read data from other domains. (MFSA 2008-61)

- The feed preview still allows for JavaScript privilege escalation. (MFSA 2008-62)

- Sensitive data may be disclosed in an XHR response when an XMLHttpRequest is made to a same-origin resource, which 302 redirects to a resource in a different domain. (MFSA 2008-64)

- A website may be able to access a limited amount of data from a different domain by loading a same-domain JavaScript URL which redirects to an off-domain target resource containing data which is not parsable as JavaScript. (MFSA 2008-65)

- Errors arise when parsing URLs with leading whitespace and control characters. (MFSA 2008-66)

- An escaped null byte is ignored by the CSS parser and treated as if it was not present in the CSS input string. (MFSA 2008-67)

- Cross-site scripting and JavaScript privilege escalation are possible. (MFSA 2008-68)

- Cross-site scripting vulnerabilities in SessionStore may allow for violating the browser's same-origin policy and performing an XSS attack or running arbitrary JavaScript with chrome privileges. (MFSA 2008-69)

- Creating a Select object with a very large length can result in memory exhaustion, causing a denial of service. (CVE-2009-2535)

Note that Mozilla is not planning further security / stability updates for Firefox 2.

Solution

Upgrade to Firefox 2.0.0.19 / 3.0.5 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2008-60/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-61/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-62/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-64/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-65/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-66/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-67/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-68/

https://www.mozilla.org/en-US/security/advisories/mfsa2008-69/

https://www.securityfocus.com/archive/1/504969/100/0/threaded

http://www.nessus.org/u?b33f7ccb

Plugin Details

Severity: High

ID: 35218

File Name: mozilla_firefox_20019.nasl

Version: 1.17

Type: local

Agent: windows

Family: Windows

Published: 12/17/2008

Updated: 11/15/2018

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Required KB Items: Mozilla/Firefox/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/16/2008

Reference Information

CVE: CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513, CVE-2009-2535

BID: 32882, 35446

CWE: 189, 20, 200, 264, 399, 79