当サイトはユーザー体験を改善するためのメンテナンスを実施中に機能が制限される予定です。記事を読んでもあなたの問題が解決せず質問をしたい場合は、Twitter の @FirefoxSupport、Reddit の /r/firefox で、サポートコミュニティが皆さんを助けようと待機しています。

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be?

  • 5 件の返信
  • 2 人がこの問題に困っています
  • 1 回表示
  • 最後の返信者: James

more options

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories:

Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users.

The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level).

These need to be fixed!

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories: Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users. The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level). These need to be fixed!

選ばれた解決策

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

この回答をすべて読む 👍 0

すべての返信 (5)

more options

Bruder0069 said

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be? ... When I run a vulnerability scan using Bitdefender, it tells me that I have (24) These need to be fixed!

They are fixed if you were using Firefox 48.0 that was Released on Aug 2nd.

https://www.mozilla.org/firefox/releases/ https://www.mozilla.org/security/known-vulnerabilities/firefox/

この投稿は James により に変更されました

more options

Thank you, James - that is news to me, because when I click on 'About Firefox' under the ? heading and it takes me to the page where Firefox checks for updates, it tells me that my version (47.0.1) is the latest version. Also, I did not see any reference on the Firefox home page as to what the numerical identification of the latest version actually IS, so, it seems like there is something wrong somewhere in the information loop.

But, I will try the manual update based on your above links - thanks.

more options

Kaspersky had a similar notice but with more information on Firefox versions affected and fixed. from https://threats.kaspersky.com/en/vulnerability/KLA10852/

If only Bitdefender did the same.

この投稿は James により に変更されました

more options

選ばれた解決策

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

この投稿は Bruder0069 により に変更されました

more options

There has been a crash issue on Windows with 48.0.1/48.0.2 so updates to those versions have turned off at times.

When these sort of notices comes up saying version you are using has known vulnerabilities there is almost always a new major release out. The minor updates are for allowed stability or even security fixes that could not wait for next Release.

この投稿は James により に変更されました