FreeBSD : mozilla -- multiple vulnerabilities (49e8f2ee-8147-11de-a994-0030843d3802)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Mozilla Project reports :

MFSA 2009-38: Data corruption with SOCKS5 reply containing DNS name
longer than 15 characters

MFSA 2009-42: Compromise of SSL-protected communication

MFSA 2009-43: Heap overflow in certificate regexp parsing

MFSA 2009-44: Location bar and SSL indicator spoofing via
window.open() on invalid URL

MFSA 2009-45: Crashes with evidence of memory corruption
(rv:1.9.1.2/1.9.0.13)

MFSA 2009-46: Chrome privilege escalation due to incorrectly cached
wrapper

See also :

http://www.mozilla.org/security/announce/2009/mfsa2009-38.html
http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
http://www.mozilla.org/security/announce/2009/mfsa2009-44.html
http://www.mozilla.org/security/announce/2009/mfsa2009-45.html
http://www.mozilla.org/security/announce/2009/mfsa2009-46.html
http://www.nessus.org/u?02a47819

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 40485 (freebsd_pkg_49e8f2ee814711dea9940030843d3802.nasl)

Bugtraq ID:

CVE ID: CVE-2009-2404
CVE-2009-2408
CVE-2009-2454
CVE-2009-2470

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now