FreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede)

Critical Nessus Plugin ID 47130


The remote FreeBSD host is missing one or more security-related updates.


Mozilla Project reports :

MFSA 2010-33 User tracking across sites using Math.random()

MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type:
multipart also present

MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes

MFSA 2010-30 Integer Overflow in XSLT Node Sorting

MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal

MFSA 2010-28 Freed object reuse across plugin instances

MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots()

MFSA 2010-26 Crashes with evidence of memory corruption (rv:

MFSA 2010-25 Re-use of freed object due to scope confusion


Update the affected packages.

See Also

Plugin Details

Severity: Critical

ID: 47130

File Name: freebsd_pkg_99858b7c7ece11dfa007000f20797ede.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2010/06/25

Modified: 2015/05/13

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:linux-firefox-devel, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2010/06/23

Vulnerability Publication Date: 2010/06/22

Reference Information

CVE: CVE-2008-5913, CVE-2010-0183, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203