FreeBSD : mozilla -- multiple vulnerabilities (44d9daee-940c-4179-86bb-6e3ffd617869) (Logjam)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 /
rv:38.1)

MFSA 2015-60 Local files or privileged URLs in pages can be opened
into new tabs

MFSA 2015-61 Type confusion in Indexed Database Manager

MFSA 2015-62 Out-of-bound read while computing an oscillator rendering
range in Web Audio

MFSA 2015-63 Use-after-free in Content Policy due to microtask
execution error

MFSA 2015-64 ECDSA signature validation fails to handle some
signatures correctly

MFSA 2015-65 Use-after-free in workers while using XMLHttpRequest

MFSA 2015-66 Vulnerabilities found through code inspection

MFSA 2015-67 Key pinning is ignored when overridable errors are
encountered

MFSA 2015-68 OS X crash reports may contain entered key press
information

MFSA 2015-69 Privilege escalation through internal workers

MFSA 2015-70 NSS accepts export-length DHE keys with regular DHE
cipher suites

MFSA 2015-71 NSS incorrectly permits skipping of ServerKeyExchange

See also :

https://www.mozilla.org/security/advisories/mfsa2015-59/
https://www.mozilla.org/security/advisories/mfsa2015-60/
https://www.mozilla.org/security/advisories/mfsa2015-61/
https://www.mozilla.org/security/advisories/mfsa2015-62/
https://www.mozilla.org/security/advisories/mfsa2015-63/
https://www.mozilla.org/security/advisories/mfsa2015-64/
https://www.mozilla.org/security/advisories/mfsa2015-65/
https://www.mozilla.org/security/advisories/mfsa2015-66/
https://www.mozilla.org/security/advisories/mfsa2015-67/
https://www.mozilla.org/security/advisories/mfsa2015-68/
https://www.mozilla.org/security/advisories/mfsa2015-69/
https://www.mozilla.org/security/advisories/mfsa2015-70/
https://www.mozilla.org/security/advisories/mfsa2015-71/
http://www.nessus.org/u?5ed3820f

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)