Mozilla Firefox ESR 45.x < 45.5 Multiple Vulnerabilities (macOS)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote macOS or Mac OS X host contains a web browser that is
affected by multiple vulnerabilities.

Description :

The version of Mozilla Firefox ESR installed on the remote macOS or
Mac OS X host is 45.x prior to 45.4. It is, therefore, affected by
multiple vulnerabilities, the majority of which are remote code
execution vulnerabilities. An unauthenticated, remote attacker can
exploit these vulnerabilities by convincing a user to visit a
specially crafted website, resulting in the execution of arbitrary
code in the context of the current user.

See also :

https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/

Solution :

Upgrade to Mozilla Firefox ESR version 45.5 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: MacOS X Local Security Checks

Nessus Plugin ID: 94957 ()

Bugtraq ID: 94335
94336
94339
94341

CVE ID: CVE-2016-5290
CVE-2016-5291
CVE-2016-5296
CVE-2016-5297
CVE-2016-9064
CVE-2016-9066
CVE-2016-9074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now