This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Xulrunner was updated to 38.5.0 to fix several security issues.
The following vulnerabilities were fixed (boo#959277) :
- CVE-2015-7201: Miscellaneous memory safety hazards
- CVE-2015-7210: Use-after-free in WebRTC when datachannel
is used after being destroyed
- CVE-2015-7212: Integer overflow allocating extremely
- CVE-2015-7205: Underflow through code inspection
- CVE-2015-7213: Integer overflow in MP4 playback in
- CVE-2015-7222: Integer underflow and buffer overflow
processing MP4 metadata in libstagefright
- CVE-2015-7214: Cross-site reading attack through data
and view-source URIs
See also :
Update the affected xulrunner packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: SuSE Local Security Checks
Nessus Plugin ID: 87635 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now