FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)

This script is Copyright (C) 2015 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

The Mozilla Project reports :

MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)

MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL

MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS

MFSA-2015-14 Malicious WebGL content crash when writing strings

MFSA-2015-15 TLS TURN and STUN connections silently fail to simple TCP

MFSA-2015-16 Use-after-free in IndexedDB

MFSA-2015-17 Buffer overflow in libstagefright during MP4 video

MFSA-2015-18 Double-free when using non-default memory allocators with
a zero-length XHR

MFSA-2015-19 Out-of-bounds read and write while rendering SVG content

MFSA-2015-20 Buffer overflow during CSS restyling

MFSA-2015-21 Buffer underflow during MP3 playback

MFSA-2015-22 Crash using DrawTarget in Cairo graphics library

MFSA-2015-23 Use-after-free in Developer Console date with OpenType

MFSA-2015-24 Reading of local files through manipulation of form

MFSA-2015-25 Local files or privileged URLs in pages can be opened
into new tabs

MFSA-2015-26 UI Tour whitelisted sites in background tab can spoof
foreground tabs

MFSA-2015-27 Caja Compiler JavaScript sandbox bypass

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now