Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623121201424HistoryNov 11, 2021 - 12:00 a.m.
Mozilla Firefox Security Advisory (MFSA2014-24) - Deprecated
2021-11-1100:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
1
9.6 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
74.1%
This host is missing a security update for Mozilla Firefox.
This VT has been deprecated and is therefore no longer functional.
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.2.1.2014.24");
script_cve_id("CVE-2014-1506");
script_tag(name:"creation_date", value:"2021-11-11 09:42:47 +0000 (Thu, 11 Nov 2021)");
script_version("2024-04-04T05:05:25+0000");
script_tag(name:"last_modification", value:"2024-04-04 05:05:25 +0000 (Thu, 04 Apr 2024)");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:P");
script_name("Mozilla Firefox Security Advisory (MFSA2014-24) - Deprecated");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("General");
script_xref(name:"Advisory-ID", value:"MFSA2014-24");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2014-24/");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=944374");
script_tag(name:"summary", value:"This host is missing a security update for Mozilla Firefox.
This VT has been deprecated and is therefore no longer functional.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Android Crash Reporter open to manipulation
Firefox for Android includes a Crash Reporter which sends crash data to
Mozilla for analysis. Security researcher Roee Hay reported
that third party Android applications could launch the crash reporter with their
own arguments. Normally applications cannot read the private files of another
application, but this vulnerability allowed a malicious application to specify a
local file in the Firefox profile and it to its own server leading to
information disclosure. The crash reporter can also be invoked in a manner
causing an immediate crash of Firefox, leading to a potential denial of service
(DOS) attack.");
script_tag(name:"affected", value:"Firefox version(s) below 28.");
script_tag(name:"solution", value:"The vendor has released an update. Please see the reference(s) for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version_unreliable");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);
Related
prion
prion
Directory traversal
2014-03-19 10:55:00
cve
cve
CVE-2014-1506
2014-03-19 10:55:00
cvelist
cvelist
CVE-2014-1506
2014-03-19 10:00:00
ubuntucve
ubuntucve
CVE-2014-1506
2014-03-19 00:00:00
seebug
seebug
Mozilla Firefox for Android目录遍历漏洞
2014-04-01 00:00:00
mozilla
mozilla
Android Crash Reporter open to manipulation — Mozilla
2014-03-18 00:00:00
nessus
nessus
Mozilla Firefox for Android < 28.0 Multiple Vulnerabilities
2014-03-26 00:00:00
thn
thn
Multiple Vulnerabilities in Firefox for Android Leak Sensitive Information
2014-03-26 22:00:00
securityvulns
securityvulns
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-03-19 00:00:00
9.6 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.004 Low
EPSS
Percentile
74.1%
Related for OPENVAS:13614125623121201424