FreeBSD : mozilla -- multiple vulnerabilities (c4f067b9-dc4a-11df-8e32-000f20797ede)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/
1.9.1.14)

MFSA 2010-65 Buffer overflow and memory corruption using
document.write

MFSA 2010-66 Use-after-free error in nsBarProp

MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter

MFSA 2010-68 XSS in gopher parser when parsing hrefs

MFSA 2010-69 Cross-site information disclosure via modal calls

MFSA 2010-70 SSL wildcard certificate matching IP addresses

MFSA 2010-71 Unsafe library loading vulnerabilities

MFSA 2010-72 Insecure Diffie-Hellman key exchange

See also :

http://www.mozilla.org/security/announce/2010/mfsa2010-64.html
http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
http://www.mozilla.org/security/announce/2010/mfsa2010-68.html
http://www.mozilla.org/security/announce/2010/mfsa2010-69.html
http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
http://www.mozilla.org/security/announce/2010/mfsa2010-72.html
http://www.nessus.org/u?6aace5b0

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now