Detections
Analytics
FreeBSD : mozilla -- multiple vulnerabilities (2c2d1c39-1396-459a-91f5-ca03ee7c64c6)
critical Nessus Plugin ID 87385
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
The Mozilla Project reports :MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects
MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation
MFSA 2015-137 Firefox allows for control characters to be set in cookies
MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed
MFSA 2015-139 Integer overflow allocating extremely large textures
MFSA 2015-140 Cross-origin information leak through web workers error events
MFSA 2015-141 Hash in data URI is incorrectly parsed
MFSA 2015-142 DOS due to malformed frames in HTTP/2
MFSA 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library
MFSA 2015-144 Buffer overflows found through code inspection
MFSA 2015-145 Underflow through code inspection
MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions
MFSA 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright
MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension APIs
MFSA 2015-149 Cross-site reading attack through data and view-source URIs
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-135/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-136/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-137/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-138/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-140/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-141/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-142/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-143/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-144/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-147/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-148/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
Plugin Details
Severity: Critical
ID: 87385
File Name: freebsd_pkg_2c2d1c391396459a91f5ca03ee7c64c6.nasl
Version: 2.12
Type: local
Family: FreeBSD Local Security Checks
Published: 12/16/2015
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:libxul, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:firefox
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 12/15/2015
Vulnerability Publication Date: 12/15/2015
Reference Information
CVE: CVE-2015-7201, CVE-2015-7202, CVE-2015-7203, CVE-2015-7204, CVE-2015-7205, CVE-2015-7207, CVE-2015-7208, CVE-2015-7210, CVE-2015-7211, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214, CVE-2015-7215, CVE-2015-7216, CVE-2015-7217, CVE-2015-7218, CVE-2015-7219, CVE-2015-7220, CVE-2015-7221, CVE-2015-7222, CVE-2015-7223