MiracleLinux 3 : firefox-24.4.0-1.0.1.AXS3 (AXSA:2014-233:01)

🗓️ 19 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 3 fixes Firefox vulnerabilities (CVE-2014-1493, 1497, 1505, 1508) that could cause denial of service or data exposure.

Reporter	Title	Published	Views	Family All 702
IBM Security Bulletins	Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified system (CVE-2013-5609, CVE-2013-5610, CVE-2013-5611, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, CVE-2013-6	18 Jun 201800:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities.	26 Sep 202204:23	–	ibm
IBM Security Bulletins	Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified system (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)	18 Jun 201800:08	–	ibm
IBM Security Bulletins	Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2013-5609, CVE-2013-5610, CVE-2013-5611, CVE-2013-5612, CVE-2013-5613, CVE-2013-5614, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, CVE-2013-6671, CVE-2013-6672, CVE	18 Jun 201800:07	–	ibm
IBM Security Bulletins	Security Bulletin: Mozilla firefox vulnerability issues on IBM SONAS (CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514)	18 Jun 201800:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storwize V7000 Unified Update Includes Fixes for Multiple Vendor Security Vulnerabilities.	26 Sep 202204:23	–	ibm
0day.today	Firefox WebIDL Privileged Javascript Injection Exploit	28 Aug 201400:00	–	zdt
FreeBSD	mozilla -- multiple vulnerabilities	4 Feb 201400:00	–	freebsd
FreeBSD	mozilla -- multiple vulnerabilities	19 Mar 201400:00	–	freebsd
FreeBSD	mozilla -- multiple vulnerabilities	25 Jun 201300:00	–	freebsd

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/4669
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-233:01.
##

include('compat.inc');

if (description)
{
  script_id(291504);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/05");

  script_cve_id(
    "CVE-2013-5609",
    "CVE-2013-5612",
    "CVE-2013-5613",
    "CVE-2013-5614",
    "CVE-2013-5616",
    "CVE-2013-5618",
    "CVE-2013-6671",
    "CVE-2014-1477",
    "CVE-2014-1479",
    "CVE-2014-1481",
    "CVE-2014-1493",
    "CVE-2014-1497",
    "CVE-2014-1505",
    "CVE-2014-1508",
    "CVE-2014-1509",
    "CVE-2014-1510",
    "CVE-2014-1511",
    "CVE-2014-1512",
    "CVE-2014-1513",
    "CVE-2014-1514"
  );

  script_name(english:"MiracleLinux 3 : firefox-24.4.0-1.0.1.AXS3 (AXSA:2014-233:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the
AXSA:2014-233:01 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and
    portability.
    Security issues fixed with this release:
     CVE-2014-1493
    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR
    24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a
    denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown
    vectors.
     CVE-2014-1497
    The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before
    24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive
    information from process heap memory, cause a denial of service (out-of-bounds read and application
    crash), or possibly have unspecified other impact via a crafted WAV file.
     CVE-2014-1505
    The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird
    before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-
    correlation information, and possibly bypass the Same Origin Policy and read text from a different domain,
    via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.
     CVE-2014-1508
    The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,
    Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information
    from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly
    bypass the Same Origin Policy via vectors involving MathML polygon rendering.
     CVE-2014-1509
    Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before
    28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote
    attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document.
     CVE-2014-1510
    The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird
    before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with
    chrome privileges by using an IDL fragment to trigger a window.open call.
     CVE-2014-1511
    Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before
    2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
     CVE-2014-1512
    Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before
    28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote
    attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is
    occurring, as demonstrated by improper handling of BumpChunk objects.
     CVE-2014-1513
    TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before
    24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer
    object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based
    out-of-bounds write or read) via a crafted web site.
     CVE-2014-1514
    vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before
    24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy
    operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-
    bounds write and application crash) by triggering incorrect use of the TypedArrayObject class.
     CVE-2013-5609
    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR
    24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a
    denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown
    vectors.
     CVE-2013-5612
    Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it
    easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy
    violation triggered by lack of a charset parameter in a Content-Type HTTP header.
     CVE-2013-5613
    Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before
    26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote
    attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors
    involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function.
     CVE-2013-5614
    Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an
    IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass
    intended sandbox restrictions via a crafted web site.
     CVE-2013-5616
    Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox
    before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows
    remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via
    vectors related to mListeners event listeners.
     CVE-2013-5618
    Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface
    in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before
    24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by triggering improper
    garbage collection.
     CVE-2013-6671
    The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2,
    Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via
    crafted use of JavaScript code for ordered list elements.
     CVE-2014-1477
    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR
    24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a
    denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown
    vectors.
     CVE-2014-1479
    The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,
    Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which
    allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content
    scopes.
     CVE-2014-1481
    Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before
    2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency
    in native getter methods across different JavaScript engines.
     CVE-2014-1482
    RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and
    SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute
    arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as
    demonstrated by Goo Create.
     CVE-2014-1486
    Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR
    24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute
    arbitrary code via vectors involving unspecified Content-Type values for image data.
     CVE-2014-1487
    The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird
    before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain
    sensitive authentication information via vectors involving error messages.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/4669");
  script_set_attribute(attribute:"solution", value:
"Update the affected firefox package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-1512");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-1514");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Firefox WebIDL Privileged Javascript Injection');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/12/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:firefox");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:3");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^3([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 3.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '3',
    'pkgs': [
      {'reference':'firefox-24.4.0-1.0.1.AXS3', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');
}

05 Feb 2026 00:00Current

8.6High risk

Vulners AI Score8.6

CVSS 210

CVSS 3.19.8

EPSS0.71088