FreeBSD : firefox -- javascript garbage collector vulnerability (67bd39ba-12b5-11dd-bab7-0016179b2dd5)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Mozilla Foundation reports :

Fixes for security problems in the JavaScript engine described in MFSA
2008-15 introduced a stability problem, where some users experienced
crashes during JavaScript garbage collection. This is being fixed
primarily to address stability concerns. We have no demonstration that
this particular crash is exploitable but are issuing this advisory
because some crashes of this type have been shown to be exploitable in
the past.

See also :

http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
http://www.nessus.org/u?5adba6e4

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 32064 (freebsd_pkg_67bd39ba12b511ddbab70016179b2dd5.nasl)

Bugtraq ID: 28818

CVE ID: CVE-2008-1237
CVE-2008-1380

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now