FreeBSD : mozilla -- multiple vulnerabilities (9d04936c-75f1-4a2c-9ade-4c1708be5df9)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2015-133 NSS and NSPR memory corruption issues

MFSA 2015-132 Mixed content WebSocket policy bypass through workers

MFSA 2015-131 Vulnerabilities found through code inspection

MFSA 2015-130 JavaScript garbage collection crash with Java applet

MFSA 2015-129 Certain escaped characters in host of Location-header
are being treated as non-escaped

MFSA 2015-128 Memory corruption in libjar through zip files

MFSA 2015-127 CORS preflight is bypassed when non-standard
Content-Type headers are received

MFSA 2015-126 Crash when accessing HTML tables with accessibility
tools on OS X

MFSA 2015-125 XSS attack through intents on Firefox for Android

MFSA 2015-124 Android intents can be used on Firefox for Android to
open privileged files

MFSA 2015-123 Buffer overflow during image interactions in canvas

MFSA 2015-122 Trailing whitespace in IP address hostnames can bypass
same-origin policy

MFSA 2015-121 Disabling scripts in Add-on SDK panels has no effect

MFSA 2015-120 Reading sensitive profile files through local HTML file
on Android

MFSA 2015-119 Firefox for Android addressbar can be removed after
fullscreen mode

MFSA 2015-118 CSP bypass due to permissive Reader mode whitelist

MFSA 2015-117 Information disclosure through NTLM authentication

MFSA 2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

See also :

https://www.mozilla.org/security/advisories/mfsa2015-116/
https://www.mozilla.org/security/advisories/mfsa2015-117/
https://www.mozilla.org/security/advisories/mfsa2015-118/
https://www.mozilla.org/security/advisories/mfsa2015-119/
https://www.mozilla.org/security/advisories/mfsa2015-120/
https://www.mozilla.org/security/advisories/mfsa2015-121/
https://www.mozilla.org/security/advisories/mfsa2015-122/
https://www.mozilla.org/security/advisories/mfsa2015-123/
https://www.mozilla.org/security/advisories/mfsa2015-124/
https://www.mozilla.org/security/advisories/mfsa2015-125/
https://www.mozilla.org/security/advisories/mfsa2015-126/
https://www.mozilla.org/security/advisories/mfsa2015-127/
https://www.mozilla.org/security/advisories/mfsa2015-128/
https://www.mozilla.org/security/advisories/mfsa2015-129/
https://www.mozilla.org/security/advisories/mfsa2015-130/
https://www.mozilla.org/security/advisories/mfsa2015-131/
https://www.mozilla.org/security/advisories/mfsa2015-132/
https://www.mozilla.org/security/advisories/mfsa2015-133/
http://www.nessus.org/u?f32061b6

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)