(CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - Improper handling of the 'IFRAME' element in PDF.js could result in reading arbitrary files and arbitrary JavaScript code execution.
(CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. Description The installed version of Firefox is earlier than 25.0 and is, therefore, potentially affected by multiple vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. Synopsis The remote Mac OS X host contains a web browser that is potentially affected by multiple vulnerabilities.
0 kommentar(er)
