FreeBSD : mozilla -- multiple vulnerabilities (d9b43004-f5fd-4807-b1d7-dbf66455b244)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA-2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)

MFSA-2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer

MFSA-2015-48 Buffer overflow with SVG content and CSS

MFSA-2015-49 Referrer policy ignored when links opened by middle-click
and context menu

MFSA-2015-50 Out-of-bounds read and write in asm.js validation

MFSA-2015-51 Use-after-free during text processing with vertical text
enabled

MFSA-2015-52 Sensitive URL encoded information written to Android
logcat

MFSA-2015-53 Use-after-free due to Media Decoder Thread creation
during shutdown

MFSA-2015-54 Buffer overflow when parsing compressed XML

MFSA-2015-55 Buffer overflow and out-of-bounds read while parsing MP4
video metadata

MFSA-2015-56 Untrusted site hosting trusted page can intercept
webchannel responses

MFSA-2015-57 Privilege escalation through IPC channel messages

MFSA-2015-58 Mozilla Windows updater can be run outside of application
directory

MFSA 2015-93 Integer overflows in libstagefright while processing MP4
video metadata

See also :

https://www.mozilla.org/security/advisories/mfsa2015-46/
https://www.mozilla.org/security/advisories/mfsa2015-47/
https://www.mozilla.org/security/advisories/mfsa2015-48/
https://www.mozilla.org/security/advisories/mfsa2015-49/
https://www.mozilla.org/security/advisories/mfsa2015-50/
https://www.mozilla.org/security/advisories/mfsa2015-51/
https://www.mozilla.org/security/advisories/mfsa2015-52/
https://www.mozilla.org/security/advisories/mfsa2015-53/
https://www.mozilla.org/security/advisories/mfsa2015-54/
https://www.mozilla.org/security/advisories/mfsa2015-55/
https://www.mozilla.org/security/advisories/mfsa2015-56/
https://www.mozilla.org/security/advisories/mfsa2015-57/
https://www.mozilla.org/security/advisories/mfsa2015-58/
https://www.mozilla.org/security/advisories/mfsa2015-93/
http://www.nessus.org/u?0148c041

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now