搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be?

  • 5 个回答
  • 2 人有此问题
  • 1 次查看
  • 最后回复者为 James

more options

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories:

Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users.

The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level).

These need to be fixed!

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories: Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users. The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level). These need to be fixed!

被采纳的解决方案

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

定位到答案原位置 👍 0

所有回复 (5)

more options

Bruder0069 said

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be? ... When I run a vulnerability scan using Bitdefender, it tells me that I have (24) These need to be fixed!

They are fixed if you were using Firefox 48.0 that was Released on Aug 2nd.

https://www.mozilla.org/firefox/releases/ https://www.mozilla.org/security/known-vulnerabilities/firefox/

由James于修改

more options

Thank you, James - that is news to me, because when I click on 'About Firefox' under the ? heading and it takes me to the page where Firefox checks for updates, it tells me that my version (47.0.1) is the latest version. Also, I did not see any reference on the Firefox home page as to what the numerical identification of the latest version actually IS, so, it seems like there is something wrong somewhere in the information loop.

But, I will try the manual update based on your above links - thanks.

more options

Kaspersky had a similar notice but with more information on Firefox versions affected and fixed. from https://threats.kaspersky.com/en/vulnerability/KLA10852/

If only Bitdefender did the same.

由James于修改

more options

选择的解决方案

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

由Bruder0069于修改

more options

There has been a crash issue on Windows with 48.0.1/48.0.2 so updates to those versions have turned off at times.

When these sort of notices comes up saying version you are using has known vulnerabilities there is almost always a new major release out. The minor updates are for allowed stability or even security fixes that could not wait for next Release.

由James于修改