Fedora 18 : firefox-19.0-1.fc18 / thunderbird-17.0.3-1.fc18 / xulrunner-19.0-1.fc18 (2013-2794)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

- Built-in PDF viewer

- Canvas elements can export their content as an image
blob using canvas.toBlob()

- Startup performance improvements (bugs 715402 and
756313)

- Debugger now supports pausing on exceptions and hiding
non-enumerable properties

- Remote Web Console is available for connecting to
Firefox on Android or Firefox OS (experimental, set
devtools.debugger.remote-enabled to true)

- There is now a Browser Debugger available for add-on
and browser developers (experimental, set
devtools.chrome.enabled to true)

- Web Console CSS links now open in the Style Editor

- CSS @page is now supported

- HTML5 CSS viewport-percentage length units implemented
(vh, vw, vmin and vmax)

- CSS text-transform now supports full-width Fixed :

- Certain valid WebGL drawing operations are incorrectly
rejected, leaving incomplete rendering in affected pages
(825205)

- Starting Firefox with -private flag incorrectly claims
you are not in Private Browsing mode (802274)

- Plugins stop rendering when the top half of the plugin
is scrolled off the top of the page, in HiDPI mode
(825734)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?f44ac90b
http://www.nessus.org/u?2cde167c
http://www.nessus.org/u?e3563b0d

Solution :

Update the affected firefox, thunderbird and / or xulrunner packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 64858 ()

Bugtraq ID: 58034
58036
58037
58038
58040
58041
58042
58043
58044
58047
58048
58049
58050
58051

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now