FreeBSD : mozilla -- multiple vulnerabilities (44d9daee-940c-4179-86bb-6e3ffd617869) (Logjam)

Critical Nessus Plugin ID 84780


The remote FreeBSD host is missing one or more security-related updates.


The Mozilla Project reports :

MFSA 2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)

MFSA 2015-60 Local files or privileged URLs in pages can be opened into new tabs

MFSA 2015-61 Type confusion in Indexed Database Manager

MFSA 2015-62 Out-of-bound read while computing an oscillator rendering range in Web Audio

MFSA 2015-63 Use-after-free in Content Policy due to microtask execution error

MFSA 2015-64 ECDSA signature validation fails to handle some signatures correctly

MFSA 2015-65 Use-after-free in workers while using XMLHttpRequest

MFSA 2015-66 Vulnerabilities found through code inspection

MFSA 2015-67 Key pinning is ignored when overridable errors are encountered

MFSA 2015-68 OS X crash reports may contain entered key press information

MFSA 2015-69 Privilege escalation through internal workers

MFSA 2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites

MFSA 2015-71 NSS incorrectly permits skipping of ServerKeyExchange


Update the affected packages.

See Also

Plugin Details

Severity: Critical

ID: 84780

File Name: freebsd_pkg_44d9daee940c417986bb6e3ffd617869.nasl

Version: $Revision: 2.7 $

Type: local

Published: 2015/07/16

Modified: 2016/10/19

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C


Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:firefox-esr, p-cpe:/a:freebsd:freebsd:libxul, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:linux-thunderbird, p-cpe:/a:freebsd:freebsd:seamonkey, p-cpe:/a:freebsd:freebsd:thunderbird, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/07/16

Vulnerability Publication Date: 2015/07/02

Reference Information

CVE: CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2742, CVE-2015-2743, CVE-2015-4000