Detections
Analytics
FreeBSD : mozilla -- multiple vulnerabilities (81f866ad-41a4-11e3-a4af-0025905a4771)
critical Nessus Plugin ID 70701
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
The Mozilla Project reports :MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
MFSA 2013-94 Spoofing addressbar though SELECT element
MFSA 2013-95 Access violation with XSLT and uninitialized data
MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions
MFSA 2013-97 Writing to cycle collected object during image decoding
MFSA 2013-98 Use-after-free when updating offline cache
MFSA 2013-99 Security bypass of PDF.js checks using iframes
MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing
MFSA 2013-101 Memory corruption in workers
MFSA 2013-102 Use-after-free in HTML document templates
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2013-93/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-94/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-95/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-96/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-97/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-98/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-99/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-100/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-101/
https://www.mozilla.org/en-US/security/advisories/mfsa2013-102/
https://www.mozilla.org/en-US/security/known-vulnerabilities/
Plugin Details
Severity: Critical
ID: 70701
File Name: freebsd_pkg_81f866ad41a411e3a4af0025905a4771.nasl
Version: 1.9
Type: local
Family: FreeBSD Local Security Checks
Published: 10/31/2013
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:linux-seamonkey, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:firefox
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 10/30/2013
Vulnerability Publication Date: 10/29/2013
Reference Information
CVE: CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5598, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-5604