FreeBSD : mozilla -- multiple vulnerabilities (9c1495ac-8d8c-4789-a0f3-8ca6b476619c)

High Nessus Plugin ID 78496

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Mozilla Project reports :

MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)

MFSA 2014-75 Buffer overflow during CSS manipulation

MFSA 2014-76 Web Audio memory corruption issues with custom waveforms

MFSA 2014-78 Further uninitialized memory use during GIF

MFSA 2014-79 Use-after-free interacting with text directionality

MFSA 2014-80 Key pinning bypasses

MFSA 2014-81 Inconsistent video sharing within iframe

MFSA 2014-82 Accessing cross-origin objects via the Alarms API

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2014-74/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-75/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-76/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-78/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-79/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-80/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-81/

https://www.mozilla.org/en-US/security/advisories/mfsa2014-82/

https://www.mozilla.org/en-US/security/advisories/

http://www.nessus.org/u?14b34cb9

Plugin Details

Severity: High

ID: 78496

File Name: freebsd_pkg_9c1495ac8d8c4789a0f38ca6b476619c.nasl

Version: 1.10

Type: local

Published: 2014/10/16

Updated: 2018/11/21

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:libxul, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/10/14

Vulnerability Publication Date: 2014/10/14

Reference Information

CVE: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576, CVE-2014-1577, CVE-2014-1580, CVE-2014-1581, CVE-2014-1582, CVE-2014-1583, CVE-2014-1584, CVE-2014-1585, CVE-2014-1586