Fedora 18 : firefox-19.0-1.fc18 / thunderbird-17.0.3-1.fc18 / xulrunner-19.0-1.fc18 (2013-2794)

High Nessus Plugin ID 64858


The remote Fedora host is missing one or more security updates.


- Built-in PDF viewer

- Canvas elements can export their content as an image blob using canvas.toBlob()

- Startup performance improvements (bugs 715402 and 756313)

- Debugger now supports pausing on exceptions and hiding non-enumerable properties

- Remote Web Console is available for connecting to Firefox on Android or Firefox OS (experimental, set devtools.debugger.remote-enabled to true)

- There is now a Browser Debugger available for add-on and browser developers (experimental, set devtools.chrome.enabled to true)

- Web Console CSS links now open in the Style Editor

- CSS @page is now supported

- HTML5 CSS viewport-percentage length units implemented (vh, vw, vmin and vmax)

- CSS text-transform now supports full-width Fixed :

- Certain valid WebGL drawing operations are incorrectly rejected, leaving incomplete rendering in affected pages (825205)

- Starting Firefox with -private flag incorrectly claims you are not in Private Browsing mode (802274)

- Plugins stop rendering when the top half of the plugin is scrolled off the top of the page, in HiDPI mode (825734)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected firefox, thunderbird and / or xulrunner packages.

See Also




Plugin Details

Severity: High

ID: 64858

File Name: fedora_2013-2794.nasl

Version: $Revision: 1.8 $

Type: local

Agent: unix

Published: 2013/02/24

Modified: 2015/10/19

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:firefox, p-cpe:/a:fedoraproject:fedora:thunderbird, p-cpe:/a:fedoraproject:fedora:xulrunner, cpe:/o:fedoraproject:fedora:18

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/02/21

Reference Information

BID: 58034, 58036, 58037, 58038, 58040, 58041, 58042, 58043, 58044, 58047, 58048, 58049, 58050, 58051

FEDORA: 2013-2794