10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.963 High
EPSS
Percentile
99.5%
The version of Mozilla Firefox ESR installed on the remote Windows host is prior to 38.7. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(89874);
script_version("1.10");
script_cvs_date("Date: 2019/11/20");
script_cve_id(
"CVE-2016-1950",
"CVE-2016-1952",
"CVE-2016-1954",
"CVE-2016-1957",
"CVE-2016-1958",
"CVE-2016-1960",
"CVE-2016-1961",
"CVE-2016-1962",
"CVE-2016-1964",
"CVE-2016-1965",
"CVE-2016-1966",
"CVE-2016-1974",
"CVE-2016-1977",
"CVE-2016-2790",
"CVE-2016-2791",
"CVE-2016-2792",
"CVE-2016-2793",
"CVE-2016-2794",
"CVE-2016-2795",
"CVE-2016-2796",
"CVE-2016-2797",
"CVE-2016-2798",
"CVE-2016-2799",
"CVE-2016-2800",
"CVE-2016-2801",
"CVE-2016-2802"
);
script_xref(name:"MFSA", value:"2016-16");
script_xref(name:"MFSA", value:"2016-17");
script_xref(name:"MFSA", value:"2016-20");
script_xref(name:"MFSA", value:"2016-21");
script_xref(name:"MFSA", value:"2016-23");
script_xref(name:"MFSA", value:"2016-24");
script_xref(name:"MFSA", value:"2016-25");
script_xref(name:"MFSA", value:"2016-27");
script_xref(name:"MFSA", value:"2016-28");
script_xref(name:"MFSA", value:"2016-31");
script_xref(name:"MFSA", value:"2016-34");
script_xref(name:"MFSA", value:"2016-35");
script_xref(name:"MFSA", value:"2016-37");
script_name(english:"Firefox ESR < 38.7 Multiple Vulnerabilities");
script_summary(english:"Checks the version of Firefox.");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a web browser that is affected by
multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Mozilla Firefox ESR installed on the remote Windows
host is prior to 38.7. It is, therefore, affected by multiple
vulnerabilities, the majority of which are remote code execution
vulnerabilities. An unauthenticated, remote attacker can exploit these
issues by convincing a user to visit a specially crafted website,
resulting in the execution of arbitrary code in the context of the
current user.");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/");
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/");
script_set_attribute(attribute:"solution", value:
"Upgrade to Mozilla Firefox ESR version 38.7 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1962");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/03/08");
script_set_attribute(attribute:"patch_publication_date", value:"2016/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/11");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:firefox_esr");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("Mozilla/Firefox/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item("SMB/transport");
if (!port) port = 445;
installs = get_kb_list("SMB/Mozilla/Firefox/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "Firefox");
mozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'38.7', severity:SECURITY_HOLE);
Vendor | Product | Version | CPE |
---|---|---|---|
mozilla | firefox_esr | cpe:/a:mozilla:firefox_esr |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
www.mozilla.org/en-US/security/advisories/mfsa2016-16/
www.mozilla.org/en-US/security/advisories/mfsa2016-17/
www.mozilla.org/en-US/security/advisories/mfsa2016-20/
www.mozilla.org/en-US/security/advisories/mfsa2016-21/
www.mozilla.org/en-US/security/advisories/mfsa2016-23/
www.mozilla.org/en-US/security/advisories/mfsa2016-24/
www.mozilla.org/en-US/security/advisories/mfsa2016-25/
www.mozilla.org/en-US/security/advisories/mfsa2016-27/
www.mozilla.org/en-US/security/advisories/mfsa2016-28/
www.mozilla.org/en-US/security/advisories/mfsa2016-31/
www.mozilla.org/en-US/security/advisories/mfsa2016-34/
www.mozilla.org/en-US/security/advisories/mfsa2016-35/
www.mozilla.org/en-US/security/advisories/mfsa2016-37/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.963 High
EPSS
Percentile
99.5%