Mozilla Firefox < 49 Multiple Vulnerabilities (macOS)

High Nessus Plugin ID 117940

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

A web browser installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Mozilla Firefox installed on the remote macOS host is prior to 49. It is, therefore, affected by multiple vulnerabilities as noted in Mozilla Firefox stable channel update release notes for 2016/09/20. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Mozilla Firefox version 49 or later.

See Also

http://www.nessus.org/u?a71b5c71

http://www.nessus.org/u?27887241

http://www.nessus.org/u?4caa1ed8

http://www.nessus.org/u?32eb4c7a

http://www.nessus.org/u?5ef629bf

http://www.nessus.org/u?8865b1d7

http://www.nessus.org/u?160280d4

http://www.nessus.org/u?5dbbf44e

http://www.nessus.org/u?54ac5d09

http://www.nessus.org/u?d3bfda65

http://www.nessus.org/u?5d89bb27

http://www.nessus.org/u?f45fb2ce

http://www.nessus.org/u?47a40c69

http://www.nessus.org/u?0baaaa08

http://www.nessus.org/u?1181d174

http://www.nessus.org/u?2269f975

http://www.nessus.org/u?b74c22ad

http://www.nessus.org/u?7882d62d

http://www.nessus.org/u?0e281edf

http://www.nessus.org/u?117622e5

http://www.nessus.org/u?4b353376

http://www.nessus.org/u?6207b3c0

http://www.nessus.org/u?7e04baf7

http://www.nessus.org/u?527385b7

http://www.nessus.org/u?40b8f022

http://www.nessus.org/u?0d9488e8

http://www.nessus.org/u?c74b0ed3

http://www.nessus.org/u?8e935ffb

http://www.nessus.org/u?d5be7ccc

http://www.nessus.org/u?c34feae8

http://www.nessus.org/u?c773d903

http://www.nessus.org/u?8e86e0c1

http://www.nessus.org/u?8b727e4e

Plugin Details

Severity: High

ID: 117940

File Name: macosx_firefox_49_0.nasl

Version: 1.2

Type: local

Agent: macosx

Family: MacOS X Local Security Checks

Published: 2018/10/05

Updated: 2019/11/01

Dependencies: 55417

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS Score Source: CVE-2016-5256

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox

Required KB Items: MacOSX/Firefox/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/09/20

Vulnerability Publication Date: 2016/09/20

Reference Information

CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284