FreeBSD : mozilla -- multiple vulnerabilities (0a9e2b72-4cb7-11e1-9146-14dae9ebcf89)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/
rv:1.9.2.26)

MFSA 2012-02 Overly permissive IPv6 literal syntax

MFSA 2012-03 iframe element exposed across domains via name attribute

MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after
removal of nodes

MFSA 2012-05 Frame scripts calling into untrusted objects bypass
security checks

MFSA 2012-06 Uninitialized memory appended when encoding icon images
may cause information disclosure

MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis
files

MFSA 2012-08 Crash with malformed embedded XSLT stylesheets

MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission

See also :

http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
http://www.mozilla.org/security/announce/2012/mfsa2012-02.html
http://www.mozilla.org/security/announce/2012/mfsa2012-03.html
http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
http://www.mozilla.org/security/announce/2012/mfsa2012-05.html
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
http://www.mozilla.org/security/announce/2012/mfsa2012-09.html
http://www.nessus.org/u?c3d09b5e

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 57785 ()

Bugtraq ID:

CVE ID: CVE-2011-3659
CVE-2011-3670
CVE-2012-0442
CVE-2012-0443
CVE-2012-0445
CVE-2012-0446
CVE-2012-0447
CVE-2012-0449
CVE-2012-0450

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now