FreeBSD : Mozilla -- multiple vulnerabilities (1fade8a3-e9e8-11e0-9580-4061862b8c22)

Critical Nessus Plugin ID 56323


The remote FreeBSD host is missing one or more security-related updates.


The Mozilla Project reports :

MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:

MFSA 2011-37 Integer underflow when using JavaScript RegExp

MFSA 2011-38 XSS via plugins and shadowed window.location object

MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection

MFSA 2011-40 Code installation through holding down Enter

MFSA 2011-41 Potentially exploitable WebGL crashes

MFSA 2011-42 Potentially exploitable crash in the YARR regular expression library

MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope parameter

MFSA 2011-44 Use after free reading OGG headers

MFSA 2011-45 Inferring Keystrokes from motion data


Update the affected packages.

See Also

Plugin Details

Severity: Critical

ID: 56323

File Name: freebsd_pkg_1fade8a3e9e811e095804061862b8c22.nasl

Version: $Revision: 1.11 $

Type: local

Published: 2011/09/29

Modified: 2015/05/13

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:libxul, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2011/09/28

Vulnerability Publication Date: 2011/09/27

Reference Information

CVE: CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232