Detections
Analytics
SuSE 11.3 Security Update : MozillaFirefox (SAT Patch Number 9370)
critical Nessus Plugin ID 76188
Language:
Synopsis
The remote SuSE 11 host is missing one or more security updates.Description
Mozilla Firefox was updated to version 24.6.0 to fix six security issues :- Miscellaneous memory safety hazards. (CVE-2014-1533 / CVE-2014-1534)
- Use-after-free and out of bounds issues found using Address Sanitizer. (CVE-2014-1536 / CVE-2014-1537 / CVE-2014-1538)
- Use-after-free with SMIL Animation Controller.
(CVE-2014-1541) mozilla-nspr was updated to version 4.10.6 to fix one security issue :
- Out of bounds write in NSPR. (CVE-2014-1545) Further information can be found at https://www.mozilla.org/security/announce/ .
Solution
Apply SAT patch number 9370.See Also
https://bugzilla.novell.com/show_bug.cgi?id=881874
http://support.novell.com/security/cve/CVE-2014-1533.html
http://support.novell.com/security/cve/CVE-2014-1534.html
http://support.novell.com/security/cve/CVE-2014-1536.html
http://support.novell.com/security/cve/CVE-2014-1537.html
http://support.novell.com/security/cve/CVE-2014-1538.html
Plugin Details
Severity: Critical
ID: 76188
File Name: suse_11_Firefox-2014-06-140612.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/23/2014
Updated: 1/19/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:mozillafirefox-translations, p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit, p-cpe:/a:novell:suse_linux:11:mozilla-nspr, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:mozillafirefox, p-cpe:/a:novell:suse_linux:11:mozillafirefox-branding-sled, p-cpe:/a:novell:suse_linux:11:libsoftokn3-32bit, p-cpe:/a:novell:suse_linux:11:mozilla-nss, p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit, p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools, p-cpe:/a:novell:suse_linux:11:libfreebl3, p-cpe:/a:novell:suse_linux:11:libsoftokn3, p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 6/12/2014
Reference Information
CVE: CVE-2014-1533, CVE-2014-1534, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538, CVE-2014-1541, CVE-2014-1545