Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Avant Browser is detected as FireFox (with a not up to date versi...

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Avant Force
And, this specific program:
Avant Browser 2013

This thread has been marked as locked.
arie12 Avant Browser is detected as FireFox (with a not up to date version number)
Member 18th Dec, 2013 20:32
Ranking: 0
Posts: 2
User Since: 18th Dec, 2013
System Score: N/A
Location: NL
Last edited on 18th Dec, 2013 20:35

The Avant Browser is detected as a FireFox browser with a not up to date version number (25.0.0.5051).
The Avant Browser is updated to the latest available version.

Website Avant Browser: http://www.avantbrowser.com/default.aspx?uil=en

Avant Browser Change log
Avant Browser 2013 build 119, Released 11.06.2013
[Update]support IE 11
[Update]Firefox:25.0.0.5051
[Update]Chrome:30.0.1599.101
[Fix]Cannot open Help page
[Fix]Cannot load certain speed dial
[Fix]Cannot input text under firefox engine sometimes
[Fix]Cannot save non- English URL alias
[Fix]Other minor problems

FireFox (Aurora)
A separately installed version of FireFox seems not to be detected/recognized by PSI when using the Aurora channel (beta version).

Anthony Wells RE: Avant Browser is detected as FireFox (with a not up to date version number)
Expert Contributor 18th Dec, 2013 21:17
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

Your Avant browser update119 dates to 06/11/2013 and both the Chrome and Firefox Browser (engine) versions displayed are currently out of date and "insecure" .

The current Stable secure versions are :-

Chrome 31.0.1650.63 and Firefox 26.0

I am guessing that the PSI is picking up the Firefox information from the metadata it collects on Avant . If so , then you need to contact the software provider asap and ask them if update 119 is still safe running out of "date/potentially insecure" Gecko and Webkit engine installations .

It would help (my guess) if you could post the actual detection path that the PSI is using for the Firefox.exe file and in which version of the PSI.

As you have discovered , the PSI does not follow/display nightlies , alpha (Aurora) or Beta software builds .

Hope that helps .

anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
mogs RE: Avant Browser is detected as FireFox (with a not up to date version number)
Expert Contributor 18th Dec, 2013 21:27
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Avant 2013 is shown as not vulnerable in the Secunia Advisory here :-
http://secunia.com/advisories/product/44823/

Excerpt

Vulnerability Report: Avant Browser 2013



This vulnerability report for Avant Browser 2013 contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Avant Browser 2013 then you are more than welcome to contact us.




Most Critical Unpatched
There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied..

Regards.......mogs




--
Was this reply relevant?
+0
-0
Anthony Wells RE: Avant Browser is detected as FireFox (with a not up to date version number)
Expert Contributor 18th Dec, 2013 22:10
Score: 2437
Posts: 3,324
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi Mogs ,

The latest SA for Avant shows to update to build 119 because of the insecurities in Ff 24.0.x and Chrome 29.0.x and 30.0.x .

Since then a number of insecurities and relevant SA's have been found for the Ff and Chrome engine versions installed in build 119 . As you know , the PSI will not show an update until there is one and as there is no 120 build as yet the PSI cannot suggest an update . Is the embedded 25.x version a potential vulnerability ?? The PSI tends by design to ignore "embedded" vulnerabilities - a process I personally dislike -but it has displayed Ff (rightly or wrongly) .

Equally , there are are no current SA's for Avant , post build 119 , but perhaps secunia are not up to date in checking this software ; hence my suggestion that the OP contact the supplier to determine whether potentially insecure browser engines are indeed safe to use .

I would certainly like to have a response from both the Avant and Secunia support systems before I went surfing the unknown . Wouldn't you ??

Take care

Anthony





--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
mogs RE: Avant Browser is detected as FireFox (with a not up to date version number)
Expert Contributor 18th Dec, 2013 23:13
Score: 2265
Posts: 6,266
User Since: 22nd Apr 2009
System Score: 100%
Location: UK
Hi Anthony....

You're obviously much more familiar with the vagueries of Avant than I......It's very doubtful at the least I'd put the thing on my machine, given your assesment.....I don't stray too far into the known jungle....never mind the unexplored !!
Live poet don't always mix much nor get repeated...Dead...many legacies.....fast moving on line society........Mr Obama was right on the button ?!
A peacekeeper....the essence of the man ?

It's possible there's too many....and too much corruption ? We can become too caring with our words ?


--
Was this reply relevant?
+0
-0
arie12 RE: Avant Browser is detected as FireFox (with a not up to date version number)
Member 19th Dec, 2013 20:40
Score: 0
Posts: 2
User Since: 18th Dec 2013
System Score: N/A
Location: NL
Last edited on 23rd Dec, 2013 12:52
on 18th Dec, 2013 21:17, Anthony Wells wrote:


It would help (my guess) if you could post the actual detection path that the PSI is using for the Firefox.exe file and in which version of the PSI.

As you have discovered , the PSI does not follow/display nightlies , alpha (Aurora) or Beta software builds .

Hope that helps .

anthony


This is the detection path of the Avant Browser to the FireFox (Gecko) engine
D:\Program Files (x86)\Avant Browser\gecko\firefox.exe (25.0.0.5051)
Not detected path to the Chrome engine:
D:\Program Files (x86)\Avant Browser\webkit\chrome.exe (30.0.1599.101)

when using:
Personal Software Inspector (PSI): 3.0.0.9016

Update:
Avant Browser 2013 build 120, Released 12.22.2013

[Update]Firefox:26.0.0.5097
[Update]Chrome:31.0.1650.63
[Fix]Cannot save logins under Chrome engine
[Fix]Problem of full screen/full destop mode
[Fix]status bar will flash outwhen moving mouse to the top under full screen/desktop mode
[Fix]Search bar cannot get focus when right clicking it
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability