FreeBSD : mozilla -- multiple vulnerabilities (dfe40cff-9c3f-11e0-9bec-6c626dd55a41)

high Nessus Plugin ID 55397

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Mozilla Project reports :

MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)

MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with script disabled

MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images

MFSA 2011-22 Integer overflow and arbitrary code execution in Array.reduceRight()

MFSA 2011-23 Multiple dangling pointer vulnerabilities

MFSA 2011-24 Cookie isolation error

MFSA 2011-25 Stealing of cross-domain images using WebGL textures

MFSA 2011-26 Multiple WebGL crashes

MFSA 2011-27 XSS encoding hazard with inline SVG

MFSA 2011-28 Non-whitelisted site can trigger xpinstall

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2011-19/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-20/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-21/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-22/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-23/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-24/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-25/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-26/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-27/

https://www.mozilla.org/en-US/security/advisories/mfsa2011-28/

http://www.nessus.org/u?4ef1e82b

Plugin Details

Severity: High

ID: 55397

File Name: freebsd_pkg_dfe40cff9c3f11e09bec6c626dd55a41.nasl

Version: 1.11

Type: local

Published: 6/22/2011

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/21/2011

Vulnerability Publication Date: 6/21/2011