FreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede)

Critical Nessus Plugin ID 47130

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Mozilla Project reports :

MFSA 2010-33 User tracking across sites using Math.random()

MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type:
multipart also present

MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes

MFSA 2010-30 Integer Overflow in XSLT Node Sorting

MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal

MFSA 2010-28 Freed object reuse across plugin instances

MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots()

MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10)

MFSA 2010-25 Re-use of freed object due to scope confusion

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2010-33/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-32/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-31/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-30/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-29/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-28/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-27/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-26/

https://www.mozilla.org/en-US/security/advisories/mfsa2010-25/

http://www.nessus.org/u?581e2cb7

Plugin Details

Severity: Critical

ID: 47130

File Name: freebsd_pkg_99858b7c7ece11dfa007000f20797ede.nasl

Version: 1.12

Type: local

Published: 2010/06/25

Updated: 2018/11/21

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:linux-firefox-devel, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2010/06/23

Vulnerability Publication Date: 2010/06/22

Reference Information

CVE: CVE-2008-5913, CVE-2010-0183, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203