Detections
Analytics

Firefox ESR 45.x < 45.2 Multiple Vulnerabilities (Mac OS X)

high Nessus Plugin ID 91544

Language:

Synopsis

The remote Mac OS X host contains a web browser that is affected by multiple vulnerabilities.

Description

The version of Firefox ESR installed on the remote Mac OS X host is 45.x prior to 45.2. It is, therefore, affected by multiple vulnerabilities :

 - Multiple memory corruption issues exist that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-2818)

 - An overflow condition exists that is triggered when handling HTML5 fragments in foreign contexts (e.g., under <svg> nodes). An unauthenticated, remote attacker can exploit this to cause a heap-based buffer overflow, resulting in the execution of arbitrary code.
 (CVE-2016-2819)

 - A use-after-free error exists that is triggered when deleting DOM table elements in 'contenteditable' mode.
 An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-2821)

 - A spoofing vulnerability exists due to improper handling of SELECT elements. An unauthenticated, remote attacker can exploit this to spoof the contents of the address bar. (CVE-2016-2822)

 - A use-after-free error exists that is triggered when destroying the recycle pool of a texture used during the processing of WebGL content. An unauthenticated, remote attacker can exploit this to dereference already freed memory, resulting in the execution of arbitrary code.
 (CVE-2016-2828)

 - A flaw exists that is triggered when handling paired fullscreen and pointerlock requests in combination with closing windows. An unauthenticated, remote attacker can exploit this to create an unauthorized pointerlock, resulting in a denial of service condition.
 Additionally, an attacker can exploit this to conduct spoofing and clickjacking attacks. (CVE-2016-2831)

Solution

Upgrade to Firefox ESR version 45.2 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2016-49/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-50/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-51/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-52/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-56/

https://www.mozilla.org/en-US/security/advisories/mfsa2016-58/

Plugin Details

Severity: High

ID: 91544

File Name: macosx_firefox_45_2_esr.nasl

Version: 1.9

Type: local

Agent: macosx

Published: 6/9/2016

Updated: 11/19/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2016-2828

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox_esr

Required KB Items: MacOSX/Firefox/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/7/2016

Vulnerability Publication Date: 6/7/2016

Reference Information

CVE: CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2828, CVE-2016-2831

BID: 91072, 91074, 91075

MFSA: 2016-49, 2016-50, 2016-51, 2016-52, 2016-56, 2016-58