Test ID:	1.3.6.1.4.1.25623.1.2.1.2012.37
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2012-37) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Information disclosure though Windows file shares and shortcut files Security researcher Paul Stone reported an attack where an HTML page hosted on a Windows share and then loaded could then load Windows shortcut files (.lnk) in the same share. These shortcut files could then link to arbitrary locations on the local file system of the individual loading the HTML page. That page could show the contents of these linked files or directories from the local file system in an iframe, causing information disclosure. Affected Software/OS: Firefox version(s) below 13. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1945 http://www.mandriva.com/security/advisories?name=MDVSA-2012:088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16743 RedHat Security Advisories: RHSA-2012:0710 http://rhn.redhat.com/errata/RHSA-2012-0710.html RedHat Security Advisories: RHSA-2012:0715 http://rhn.redhat.com/errata/RHSA-2012-0715.html SuSE Security Announcement: SUSE-SU-2012:0746 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0760 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.