Fedora 17 : firefox-19.0-1.fc17 / thunderbird-17.0.3-1.fc17 / xulrunner-19.0-1.fc17 (2013-2773)

high Nessus Plugin ID 64857

Synopsis

The remote Fedora host is missing one or more security updates.

Description

- Built-in PDF viewer

- Canvas elements can export their content as an image blob using canvas.toBlob()

- Startup performance improvements (bugs 715402 and 756313)

- Debugger now supports pausing on exceptions and hiding non-enumerable properties

- Remote Web Console is available for connecting to Firefox on Android or Firefox OS (experimental, set devtools.debugger.remote-enabled to true)

- There is now a Browser Debugger available for add-on and browser developers (experimental, set devtools.chrome.enabled to true)

- Web Console CSS links now open in the Style Editor

- CSS @page is now supported

- HTML5 CSS viewport-percentage length units implemented (vh, vw, vmin and vmax)

- CSS text-transform now supports full-width Fixed :

- Certain valid WebGL drawing operations are incorrectly rejected, leaving incomplete rendering in affected pages (825205)

- Starting Firefox with -private flag incorrectly claims you are not in Private Browsing mode (802274)

- Plugins stop rendering when the top half of the plugin is scrolled off the top of the page, in HiDPI mode (825734)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected firefox, thunderbird and / or xulrunner packages.

See Also

http://www.nessus.org/u?1ca53f89

http://www.nessus.org/u?8e666e5b

http://www.nessus.org/u?223790e6

Plugin Details

Severity: High

ID: 64857

File Name: fedora_2013-2773.nasl

Version: 1.10

Type: local

Agent: unix

Published: 2/24/2013

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:firefox, p-cpe:/a:fedoraproject:fedora:thunderbird, p-cpe:/a:fedoraproject:fedora:xulrunner, cpe:/o:fedoraproject:fedora:17

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/21/2013

Reference Information

BID: 58041, 58042, 58043, 58044, 58047, 58034, 58036, 58037, 58038, 58040, 58048, 58049, 58050, 58051

FEDORA: 2013-2773