This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Debian security team reports :
Tobias Stoeckmann discovered that cache files are insufficiently
validated in fontconfig, a generic font configuration library. An
attacker can trigger arbitrary free() calls, which in turn allows
double free attacks and therefore arbitrary code execution. In
combination with setuid binaries using crafted cache files, this could
allow privilege escalation.
See also :
Update the affected package.
Risk factor :
Medium / CVSS Base Score : 4.6