Mozilla Project reports :

Firefox user zbyte reported a crash that we determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, such as escape(), the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited by an attacker to run arbitrary code such as installing malware.

This vulnerability does not affect earlier versions of Firefox which do not support the JIT feature.

Firefox 3.5 is installed on the remote host.  This version is potentially affected by multiple flaws :

  - It may be possible to crash the browser or potentially     execute arbitrary code by using a flash object that     presents a slow script dialog. (MFSA 2009-35)

  - In certain cases after a return from a native function,     such as escape(), the Just-in-Time (JIT) compiler could     get into a corrupt state. An attacker who is able to     trick a user of the affected software into visiting a     malicious link may be able to leverage this issue to     run arbitrary code subject to the user's privileges.
    (MFSA 2009-41)

Update to new upstream Firefox version 3.5.1, fixing multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.1 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Mozilla Firefox,       Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the       CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to view a specially crafted web       page or email, possibly resulting in execution of arbitrary code or a       Denial of Service condition. Furthermore, a remote attacker may be able       to perform Man-in-the-Middle attacks, obtain sensitive information,       bypass restrictions and protection mechanisms, force file downloads,       conduct XML injection attacks, conduct XSS attacks, bypass the Same       Origin Policy, spoof URL&rsquo;s for phishing attacks, trigger a vertical       scroll, spoof the location bar, spoof an SSL indicator, modify the       browser&rsquo;s font, conduct clickjacking attacks, or have other unspecified       impact.
    A local attacker could gain escalated privileges, obtain sensitive       information, or replace an arbitrary downloaded file.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Published	Updated	Severity
39867	FreeBSD : mozilla -- corrupt JIT state after deep return from native function (c1ef9b33-72a6-11de-82ea-0030843d3802)	Nessus	FreeBSD Local Security Checks	7/20/2009	1/6/2021	high
39853	Firefox 3.5.x < 3.5.1 Multiple Vulnerabilities	Nessus	Windows	7/17/2009	7/16/2018	high
40347	Fedora 11 : kazehakase-0.5.6-11.svn3771_trunk.fc11.3 / Miro-2.0.5-2.fc11 / blam-1.8.5-12.fc11 / etc (2009-7898)	Nessus	Fedora Local Security Checks	7/23/2009	1/11/2021	high
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	1/8/2013	12/5/2022	critical

Detections

Analytics

Plugins Search

high

high

high

critical