Detections
Analytics
FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)
high Nessus Plugin ID 81588
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
The Mozilla Project reports :MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files
MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections
MFSA-2015-14 Malicious WebGL content crash when writing strings
MFSA-2015-15 TLS TURN and STUN connections silently fail to simple TCP connections
MFSA-2015-16 Use-after-free in IndexedDB
MFSA-2015-17 Buffer overflow in libstagefright during MP4 video playback
MFSA-2015-18 Double-free when using non-default memory allocators with a zero-length XHR
MFSA-2015-19 Out-of-bounds read and write while rendering SVG content
MFSA-2015-20 Buffer overflow during CSS restyling
MFSA-2015-21 Buffer underflow during MP3 playback
MFSA-2015-22 Crash using DrawTarget in Cairo graphics library
MFSA-2015-23 Use-after-free in Developer Console date with OpenType Sanitiser
MFSA-2015-24 Reading of local files through manipulation of form autocomplete
MFSA-2015-25 Local files or privileged URLs in pages can be opened into new tabs
MFSA-2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs
MFSA-2015-27 Caja Compiler JavaScript sandbox bypass
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2015-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-12/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-13/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-14/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-17/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-18/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-19/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-20/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-21/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-22/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-23/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-24/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-25/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-26/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-27/
Plugin Details
Severity: High
ID: 81588
File Name: freebsd_pkg_990291728253407d9d8b2cfeab9abf81.nasl
Version: 1.9
Type: local
Family: FreeBSD Local Security Checks
Published: 3/2/2015
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:libxul, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:firefox
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 2/27/2015
Vulnerability Publication Date: 2/24/2015
Reference Information
CVE: CVE-2015-0819, CVE-2015-0820, CVE-2015-0821, CVE-2015-0822, CVE-2015-0823, CVE-2015-0824, CVE-2015-0825, CVE-2015-0826, CVE-2015-0827, CVE-2015-0828, CVE-2015-0829, CVE-2015-0830, CVE-2015-0831, CVE-2015-0832, CVE-2015-0833, CVE-2015-0834, CVE-2015-0835, CVE-2015-0836