Mozilla/Firefox Default Installation File Permission Flaw Network Vulnerability

Summary

The remote host is using Mozilla and/or Firefox, an alternative web browser. The remote version of this software is prone to an improper file permission setting. This flaw only exists if the browser is installed by the Mozilla Foundation package management, thus this alert might be a false positive. A local attacker could overwrite arbitrary files or execute arbitrary code in the context of the user running the browser.

Solution

Update to the latest version of the software

Severity

Classification

CVE CVE-2004-0906
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Opera web browser address bar spoofing weakness (2)
Orbit Downloader File Deletion ActiveX Vulnerability
MS Windows taskmgr.exe Information Disclosure Vulnerability
Detect the HTTP RPC endpoint mapper
Fraudulent Digital Certificates Spoofing Vulnerability (2607712)

Mozilla/Firefox default installation file permission flaw

Take action and discover your vulnerabilities