Detections
Analytics

FreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303)

critical Nessus Plugin ID 88512

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Mozilla Foundation reports :

MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)

MFSA 2016-02 Out of Memory crash when parsing GIF format images

MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation

MFSA 2016-04 Firefox allows for control characters to be set in cookie names

MFSA 2016-06 Missing delay following user click events in protocol handler dialog

MFSA 2016-09 Addressbar spoofing attacks

MFSA 2016-10 Unsafe memory manipulation found through code inspection

MFSA 2016-11 Application Reputation service disabled in Firefox 43

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-02/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-03/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-04/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-06/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-11/

http://www.nessus.org/u?93ab233f

Plugin Details

Severity: Critical

ID: 88512

File Name: freebsd_pkg_4f00dac01e18448195af7aaad63fd303.nasl

Version: 2.14

Type: local

Published: 2/2/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:libxul, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:firefox

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2/1/2016

Vulnerability Publication Date: 1/26/2016

Reference Information

CVE: CVE-2015-7208, CVE-2016-1930, CVE-2016-1931, CVE-2016-1933, CVE-2016-1935, CVE-2016-1937, CVE-2016-1939, CVE-2016-1942, CVE-2016-1943, CVE-2016-1944, CVE-2016-1945, CVE-2016-1946, CVE-2016-1947