Detections
Analytics
FreeBSD : mozilla -- multiple vulnerabilities (2d56c7f4-b354-428f-8f48-38150c607a05)
high Nessus Plugin ID 86079
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
The Mozilla Project reports :MFSA 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
MFSA 2015-97 Memory leak in mozTCPSocket to servers
MFSA 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes
MFSA 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme
MFSA 2015-100 Arbitrary file manipulation by local user through Mozilla updater
MFSA 2015-101 Buffer overflow in libvpx while parsing vp9 format video
MFSA 2015-102 Crash when using debugger with SavedStacks in JavaScript
MFSA 2015-103 URL spoofing in reader mode
MFSA 2015-104 Use-after-free with shared workers and IndexedDB
MFSA 2015-105 Buffer overflow while decoding WebM video
MFSA 2015-106 Use-after-free while manipulating HTML media content
MFSA 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems
MFSA 2015-108 Scripted proxies can access inner window
MFSA 2015-109 JavaScript immutable property enforcement can be bypassed
MFSA 2015-110 Dragging and dropping images exposes final URL after redirects
MFSA 2015-111 Errors in the handling of CORS preflight request headers
MFSA 2015-112 Vulnerabilities found through code inspection
MFSA 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
MFSA 2015-114 Information disclosure via the High Resolution Time API
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-98/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-99/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-100/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-102/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-103/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-108/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-109/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-110/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-111/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-114/
Plugin Details
Severity: High
ID: 86079
File Name: freebsd_pkg_2d56c7f4b354428f8f4838150c607a05.nasl
Version: 2.10
Type: local
Family: FreeBSD Local Security Checks
Published: 9/23/2015
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:libxul, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:firefox
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 9/22/2015
Vulnerability Publication Date: 9/22/2015
Reference Information
CVE: CVE-2015-4476, CVE-2015-4500, CVE-2015-4501, CVE-2015-4502, CVE-2015-4503, CVE-2015-4504, CVE-2015-4505, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7178, CVE-2015-7179, CVE-2015-7180