9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.579 Medium
EPSS
Percentile
97.7%
This host is missing a security update for Mozilla Firefox.
# Copyright (C) 2021 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
CPE = "cpe:/a:mozilla:firefox";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.2.1.2017.10");
script_cve_id("CVE-2016-10195", "CVE-2016-10196", "CVE-2016-10197", "CVE-2016-6354", "CVE-2017-5429", "CVE-2017-5430", "CVE-2017-5432", "CVE-2017-5433", "CVE-2017-5434", "CVE-2017-5435", "CVE-2017-5436", "CVE-2017-5438", "CVE-2017-5439", "CVE-2017-5440", "CVE-2017-5441", "CVE-2017-5442", "CVE-2017-5443", "CVE-2017-5444", "CVE-2017-5445", "CVE-2017-5446", "CVE-2017-5447", "CVE-2017-5448", "CVE-2017-5449", "CVE-2017-5450", "CVE-2017-5451", "CVE-2017-5452", "CVE-2017-5453", "CVE-2017-5454", "CVE-2017-5455", "CVE-2017-5456", "CVE-2017-5458", "CVE-2017-5459", "CVE-2017-5460", "CVE-2017-5461", "CVE-2017-5462", "CVE-2017-5463", "CVE-2017-5464", "CVE-2017-5465", "CVE-2017-5466", "CVE-2017-5467", "CVE-2017-5468", "CVE-2017-5469");
script_tag(name:"creation_date", value:"2021-11-08 15:21:25 +0000 (Mon, 08 Nov 2021)");
script_version("2023-10-20T16:09:12+0000");
script_tag(name:"last_modification", value:"2023-10-20 16:09:12 +0000 (Fri, 20 Oct 2023)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-08-07 18:44:00 +0000 (Tue, 07 Aug 2018)");
script_name("Mozilla Firefox Security Advisory (MFSA2017-10) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone Networks GmbH");
script_family("General");
script_dependencies("gb_firefox_detect_lin.nasl");
script_mandatory_keys("mozilla/firefox/linux/detected");
script_xref(name:"Advisory-ID", value:"MFSA2017-10");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1342101%2C1340482%2C1344686%2C1329796%2C1346419%2C1349621%2C1344081%2C1344305%2C1348143%2C1349719%2C1353476%2C1337418%2C1346140%2C1339722");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1343261%2C1350844%2C1341096%2C1342823%2C1348894%2C1348941%2C1349340%2C1352926%2C1353088%2C");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1229426");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1273537");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1292534");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1321247");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1325955");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1329521");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1333858");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1336828");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1336830");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1336832");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1338867");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1340127");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1341191");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1342661");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1343453");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1343505");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1343552");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1343642");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1343795");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1344380");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1344415");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1344461");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1344467");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1344517");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1345089");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1345461");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1346648");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1346654");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1347075");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1347168");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1347262");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1347617");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1347979");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1349276");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1349946");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1350683");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=1353975");
script_tag(name:"summary", value:"This host is missing a security update for Mozilla Firefox.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"CVE-2017-5433: Use-after-free in SMIL animation functions
A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash.
CVE-2017-5435: Use-after-free during transaction processing in the editor
A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash.
CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products.
CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5.
CVE-2017-5459: Buffer overflow in WebGL
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash.
CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL
If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly. This allows for a cross-site scripting (XSS) attack.
CVE-2017-5434: Use-after-free during focus handling
A use-after-free vulnerability occurs when redirecting focus handling which results in a potentially exploitable crash.
CVE-2017-5432: Use-after-free in text input selection
A use-after-free vulnerability occurs during certain text input selection resulting in a potentially exploitable crash.
CVE-2017-5460: Use-after-free in frame selection
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash.
CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash.
CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash.
CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
A use-after-free vulnerability during XSLT processing due to a failure to propagate error ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"Firefox version(s) below 53.");
script_tag(name:"solution", value:"The vendor has released an update. Please see the reference(s) for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version_unreliable");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if (!infos = get_app_version_and_location(cpe: CPE, exit_no_version: TRUE))
exit(0);
version = infos["version"];
location = infos["location"];
if (version_is_less(version: version, test_version: "53")) {
report = report_fixed_ver(installed_version: version, fixed_version: "53", install_path: location);
security_message(port: 0, data: report);
exit(0);
}
exit(99);
bugzilla.mozilla.org/buglist.cgi?bug_id=1342101%2C1340482%2C1344686%2C1329796%2C1346419%2C1349621%2C1344081%2C1344305%2C1348143%2C1349719%2C1353476%2C1337418%2C1346140%2C1339722
bugzilla.mozilla.org/buglist.cgi?bug_id=1343261%2C1350844%2C1341096%2C1342823%2C1348894%2C1348941%2C1349340%2C1352926%2C1353088%2C
bugzilla.mozilla.org/show_bug.cgi?id=1229426
bugzilla.mozilla.org/show_bug.cgi?id=1273537
bugzilla.mozilla.org/show_bug.cgi?id=1292534
bugzilla.mozilla.org/show_bug.cgi?id=1321247
bugzilla.mozilla.org/show_bug.cgi?id=1325955
bugzilla.mozilla.org/show_bug.cgi?id=1329521
bugzilla.mozilla.org/show_bug.cgi?id=1333858
bugzilla.mozilla.org/show_bug.cgi?id=1336828
bugzilla.mozilla.org/show_bug.cgi?id=1336830
bugzilla.mozilla.org/show_bug.cgi?id=1336832
bugzilla.mozilla.org/show_bug.cgi?id=1338867
bugzilla.mozilla.org/show_bug.cgi?id=1340127
bugzilla.mozilla.org/show_bug.cgi?id=1341191
bugzilla.mozilla.org/show_bug.cgi?id=1342661
bugzilla.mozilla.org/show_bug.cgi?id=1343453
bugzilla.mozilla.org/show_bug.cgi?id=1343505
bugzilla.mozilla.org/show_bug.cgi?id=1343552
bugzilla.mozilla.org/show_bug.cgi?id=1343642
bugzilla.mozilla.org/show_bug.cgi?id=1343795
bugzilla.mozilla.org/show_bug.cgi?id=1344380
bugzilla.mozilla.org/show_bug.cgi?id=1344415
bugzilla.mozilla.org/show_bug.cgi?id=1344461
bugzilla.mozilla.org/show_bug.cgi?id=1344467
bugzilla.mozilla.org/show_bug.cgi?id=1344517
bugzilla.mozilla.org/show_bug.cgi?id=1345089
bugzilla.mozilla.org/show_bug.cgi?id=1345461
bugzilla.mozilla.org/show_bug.cgi?id=1346648
bugzilla.mozilla.org/show_bug.cgi?id=1346654
bugzilla.mozilla.org/show_bug.cgi?id=1347075
bugzilla.mozilla.org/show_bug.cgi?id=1347168
bugzilla.mozilla.org/show_bug.cgi?id=1347262
bugzilla.mozilla.org/show_bug.cgi?id=1347617
bugzilla.mozilla.org/show_bug.cgi?id=1347979
bugzilla.mozilla.org/show_bug.cgi?id=1349276
bugzilla.mozilla.org/show_bug.cgi?id=1349946
bugzilla.mozilla.org/show_bug.cgi?id=1350683
bugzilla.mozilla.org/show_bug.cgi?id=1353975
www.mozilla.org/en-US/security/advisories/mfsa2017-10/
MFSA2017-10
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.579 Medium
EPSS
Percentile
97.7%