FreeBSD : mozilla -- multiple vulnerabilities (2c2d1c39-1396-459a-91f5-ca03ee7c64c6)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Mozilla Project reports :

MFSA 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)

MFSA 2015-135 Crash with JavaScript variable assignment with unboxed
objects

MFSA 2015-136 Same-origin policy violation using perfomance.getEntries
and history navigation

MFSA 2015-137 Firefox allows for control characters to be set in
cookies

MFSA 2015-138 Use-after-free in WebRTC when datachannel is used after
being destroyed

MFSA 2015-139 Integer overflow allocating extremely large textures

MFSA 2015-140 Cross-origin information leak through web workers error
events

MFSA 2015-141 Hash in data URI is incorrectly parsed

MFSA 2015-142 DOS due to malformed frames in HTTP/2

MFSA 2015-143 Linux file chooser crashes on malformed images due to
flaws in Jasper library

MFSA 2015-144 Buffer overflows found through code inspection

MFSA 2015-145 Underflow through code inspection

MFSA 2015-146 Integer overflow in MP4 playback in 64-bit versions

MFSA 2015-147 Integer underflow and buffer overflow processing MP4
metadata in libstagefright

MFSA 2015-148 Privilege escalation vulnerabilities in WebExtension
APIs

MFSA 2015-149 Cross-site reading attack through data and view-source
URIs

See also :

https://www.mozilla.org/security/advisories/mfsa2015-134/
https://www.mozilla.org/security/advisories/mfsa2015-135/
https://www.mozilla.org/security/advisories/mfsa2015-136/
https://www.mozilla.org/security/advisories/mfsa2015-137/
https://www.mozilla.org/security/advisories/mfsa2015-138/
https://www.mozilla.org/security/advisories/mfsa2015-139/
https://www.mozilla.org/security/advisories/mfsa2015-140/
https://www.mozilla.org/security/advisories/mfsa2015-141/
https://www.mozilla.org/security/advisories/mfsa2015-142/
https://www.mozilla.org/security/advisories/mfsa2015-143/
https://www.mozilla.org/security/advisories/mfsa2015-144/
https://www.mozilla.org/security/advisories/mfsa2015-145/
https://www.mozilla.org/security/advisories/mfsa2015-146/
https://www.mozilla.org/security/advisories/mfsa2015-147/
https://www.mozilla.org/security/advisories/mfsa2015-148/
https://www.mozilla.org/security/advisories/mfsa2015-149/
http://www.nessus.org/u?367ae579

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now