FreeBSD : mozilla -- multiple vulnerabilities (dd116b19-64b3-11e3-868f-0025905a4771)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2013-116 JPEG information leak

MFSA 2013-105 Application Installation doorhanger persists on
navigation

MFSA 2013-106 Character encoding cross-origin XSS attack

MFSA 2013-107 Sandbox restrictions not applied to nested object
elements

MFSA 2013-108 Use-after-free in event listeners

MFSA 2013-109 Use-after-free during Table Editing

MFSA 2013-110 Potential overflow in JavaScript binary search
algorithms

MFSA 2013-111 Segmentation violation when replacing ordered list
elements

MFSA 2013-112 Linux clipboard information disclosure though selection
paste

MFSA 2013-113 Trust settings for built-in roots ignored during EV
certificate validation

MFSA 2013-114 Use-after-free in synthetic mouse movement

MFSA 2013-115 GetElementIC typed array stubs can be generated outside
observed typesets

MFSA 2013-116 JPEG information leak

MFSA 2013-117 Mis-issued ANSSI/DCSSI certificate

See also :

https://www.mozilla.org/security/announce/2013/mfsa2013-104.html
https://www.mozilla.org/security/announce/2013/mfsa2013-105.html
https://www.mozilla.org/security/announce/2013/mfsa2013-106.html
https://www.mozilla.org/security/announce/2013/mfsa2013-107.html
https://www.mozilla.org/security/announce/2013/mfsa2013-108.html
https://www.mozilla.org/security/announce/2013/mfsa2013-109.html
https://www.mozilla.org/security/announce/2013/mfsa2013-110.html
https://www.mozilla.org/security/announce/2013/mfsa2013-111.html
https://www.mozilla.org/security/announce/2013/mfsa2013-112.html
https://www.mozilla.org/security/announce/2013/mfsa2013-113.html
https://www.mozilla.org/security/announce/2013/mfsa2013-114.html
https://www.mozilla.org/security/announce/2013/mfsa2013-115.html
https://www.mozilla.org/security/announce/2013/mfsa2013-116.html
https://www.mozilla.org/security/announce/2013/mfsa2013-117.html
http://www.mozilla.org/security/known-vulnerabilities/
http://www.nessus.org/u?ba438c58

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now