Mozilla Firefox < 49 Multiple Vulnerabilities (macOS)

critical Nessus Plugin ID 117940

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Mozilla Firefox installed on the remote macOS host is prior to 49. It is, therefore, affected by multiple vulnerabilities as noted in Mozilla Firefox stable channel update release notes for 2016/09/20. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Mozilla Firefox version 49 or later.

See Also

http://www.nessus.org/u?a71b5c71

http://www.nessus.org/u?27887241

http://www.nessus.org/u?4caa1ed8

http://www.nessus.org/u?32eb4c7a

http://www.nessus.org/u?5ef629bf

http://www.nessus.org/u?8865b1d7

http://www.nessus.org/u?160280d4

http://www.nessus.org/u?5dbbf44e

http://www.nessus.org/u?54ac5d09

http://www.nessus.org/u?d3bfda65

http://www.nessus.org/u?5d89bb27

http://www.nessus.org/u?f45fb2ce

http://www.nessus.org/u?47a40c69

http://www.nessus.org/u?0baaaa08

http://www.nessus.org/u?1181d174

http://www.nessus.org/u?2269f975

http://www.nessus.org/u?b74c22ad

http://www.nessus.org/u?7882d62d

http://www.nessus.org/u?0e281edf

http://www.nessus.org/u?117622e5

http://www.nessus.org/u?4b353376

http://www.nessus.org/u?6207b3c0

http://www.nessus.org/u?7e04baf7

http://www.nessus.org/u?527385b7

http://www.nessus.org/u?40b8f022

http://www.nessus.org/u?0d9488e8

http://www.nessus.org/u?c74b0ed3

http://www.nessus.org/u?8e935ffb

http://www.nessus.org/u?d5be7ccc

http://www.nessus.org/u?c34feae8

http://www.nessus.org/u?c773d903

http://www.nessus.org/u?8e86e0c1

http://www.nessus.org/u?8b727e4e

Plugin Details

Severity: Critical

ID: 117940

File Name: macosx_firefox_49_0.nasl

Version: 1.2

Type: local

Agent: macosx

Published: 10/5/2018

Updated: 11/1/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2016-5256

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Required KB Items: MacOSX/Firefox/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 9/20/2016

Vulnerability Publication Date: 9/20/2016

Reference Information

CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284