FreeBSD : mozilla -- multiple vulnerabilities (f82c85d8-1c6e-11df-abb2-000f20797ede)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Mozilla Project reports :

MFSA 2010-05 XSS hazard using SVG document and binary Content-Type

MFSA 2010-04 XSS due to window.dialogArguments being readable
cross-domain

MFSA 2010-03 Use-after-free crash in HTML parser

MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability

MFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/
1.9.0.18)

See also :

http://www.mozilla.org/security/announce/2010/mfsa2010-01.html
http://www.mozilla.org/security/announce/2010/mfsa2010-02.html
http://www.mozilla.org/security/announce/2010/mfsa2010-03.html
http://www.mozilla.org/security/announce/2010/mfsa2010-04.html
http://www.mozilla.org/security/announce/2010/mfsa2010-05.html
http://www.nessus.org/u?c0ad6841

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 44661 (freebsd_pkg_f82c85d81c6e11dfabb2000f20797ede.nasl)

Bugtraq ID:

CVE ID: CVE-2009-1571
CVE-2009-3988
CVE-2010-0159
CVE-2010-0160
CVE-2010-0162

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now