Este site está com funcionalidades limitadas enquanto realizamos manutenção para melhorar sua experiência de uso. Se nenhum artigo resolver seu problema e você quiser fazer uma pergunta, nossa comunidade de suporte pode te ajudar em @FirefoxSupport no Twitter e /r/firefox no Reddit.

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be?

  • 5 respostas
  • 2 têm este problema
  • 1 exibição
  • Última resposta de James

more options

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories:

Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users.

The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level).

These need to be fixed!

When I run a vulnerability scan using Bitdefender, it tells me that I have (24) vulnerabilities under the following categories: Execute Code: By exploiting this vulnerability the attacker has the ability to execute code on the victim's system Gain Information: By exploiting this vulnerability the attacker has the ability to access information (usually files) on the victim's system Denial of Service: By exploiting this vulnerability the attacker can block access to certain resources or to the entire system Bypass: By exploiting this resource the attacker can gain access to a restricted resource without being required to authenticate Cross Site Scripting (XSS): By exploiting this vulnerability the attacker can inject malicious script code into web pages viewed by other users. The vulnerability/threat level is given (3) red dots (with 4-5 red dots being the highest threat level). These need to be fixed!

Solução escolhida

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

Ler esta resposta 👍 0

Todas as respostas (5)

more options

Bruder0069 said

Bitdefender tells me I have (24) vulnerabilities over (5) categories in FF version 47.0.1 -how can this be? ... When I run a vulnerability scan using Bitdefender, it tells me that I have (24) These need to be fixed!

They are fixed if you were using Firefox 48.0 that was Released on Aug 2nd.

https://www.mozilla.org/firefox/releases/ https://www.mozilla.org/security/known-vulnerabilities/firefox/

Alterado por James em

more options

Thank you, James - that is news to me, because when I click on 'About Firefox' under the ? heading and it takes me to the page where Firefox checks for updates, it tells me that my version (47.0.1) is the latest version. Also, I did not see any reference on the Firefox home page as to what the numerical identification of the latest version actually IS, so, it seems like there is something wrong somewhere in the information loop.

But, I will try the manual update based on your above links - thanks.

more options

Kaspersky had a similar notice but with more information on Firefox versions affected and fixed. from https://threats.kaspersky.com/en/vulnerability/KLA10852/

If only Bitdefender did the same.

Alterado por James em

more options

Solução escolhida

I am going to mark my question as solved, but only because of the link in your above/first response, which (BTW) led me to an even more recent FF version 84.0.1 release of August 26th.

However, I still feel that there should be some information on the beautiful FF home page (or a direct link) as to the latest version and release date, and, when I followed the directions on how to check for and "update" the latest version, the FF site (not my security program) told me I had the latest version, which was not true.

So, the fact remains that I had to take to this forum and spend considerable time and effort to find the answer to what could/should? have been an automatic update to the version I was running with the above-outlined vulnerabilities described within/by my Bitdefender vulnerability scan.

It isn't a negative reflection on Bitdefender, IMO, as you seem to be implying at the end of your second response above, as BD provided a direct hot link to the FF website from the vulnerability scan module within BD, but rather, some failing of FF. However, your posting of the Kapersky data was very impressive indeed.

Thanks again.

Alterado por Bruder0069 em

more options

There has been a crash issue on Windows with 48.0.1/48.0.2 so updates to those versions have turned off at times.

When these sort of notices comes up saying version you are using has known vulnerabilities there is almost always a new major release out. The minor updates are for allowed stability or even security fixes that could not wait for next Release.

Alterado por James em