This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2015-0813, CVE-2015-0815, CVE-2015-0801)
A flaw was found in the way documents were loaded via resource URLs
in, for example, Mozilla's PDF.js PDF file viewer. An attacker could
use this flaw to bypass certain restrictions and under certain
conditions even execute arbitrary code with the privileges of the user
running Firefox. (CVE-2015-0816)
A flaw was found in the Beacon interface implementation in Firefox. A
web page containing malicious content could allow a remote attacker to
conduct a Cross-Site Request Forgery (CSRF) attack. (CVE-2015-0807)
After installing the update, Firefox must be restarted for the changes
to take effect.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Public Exploit Available : true
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 82520 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now