Firefox ESR < 38.3 Multiple Vulnerabilities (Mac OS X)

High Nessus Plugin ID 86068

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.7

Synopsis

The remote Mac OS X host contains a web browser that is affected by multiple vulnerabilities.

Description

The version of Firefox ESR installed on the remote Mac OS X host is prior to 38.3. It is, therefore, affected by the following vulnerabilities :

- Multiple unspecified memory corruption issues exist due to improper validation of user-supplied input. A remote attacker can exploit these issues to corrupt memory and execute arbitrary code. (CVE-2015-4500)

- Multiple unspecified memory corruption issues exist due to improper validation of user-supplied input. A remote attacker can exploit these issues to corrupt memory and execute arbitrary code. (CVE-2015-4501)

- A buffer overflow condition exists in the libvpx component when parsing vp9 format video. A remote attacker can exploit this, via a specially crafted vp9 format video, to execute arbitrary code. (CVE-2015-4506)

- A user-after-free error exists when manipulating HTML media elements on a page during script manipulation of the URI table of these elements. An attacker can exploit this to cause a denial of service condition.
(CVE-2015-4509)

- A memory corruption issue exists in NetworkUtils.cpp. An attacker can potentially exploit this issue to cause a denial of service condition or to execute arbitrary code. (CVE-2015-4517)

- An information disclosure vulnerability exists due to a flaw that occurs when a previously loaded image on a page is dropped into content after a redirect, resulting in the redirected URL being available to scripts.
(CVE-2015-4519)

- Multiple security bypass vulnerabilities exist due to errors in the handling of CORS preflight request headers. (CVE-2015-4520)

- A memory corruption issue exists in the ConvertDialogOptions() function. An attacker can potentially exploit this issue to cause a denial of service condition or to execute arbitrary code.
(CVE-2015-4521)

- An overflow condition exists in the GetMaxLength() function. An attacker can potentially exploit this to cause a denial of service condition or to execute arbitrary code. (CVE-2015-4522)

- An overflow condition exists in the GrowBy() function.
An attacker can potentially exploit this to cause a denial of service condition or to execute arbitrary code. (CVE-2015-7174)

- An overflow condition exists in the AddText() function.
An attacker can potentially exploit this to cause a denial of service condition or to execute arbitrary code. (CVE-2015-7175)

- A stack overflow condition exists in the AnimationThread() function due to a bad sscanf argument. An attacker can potentially exploit this to cause a denial of service condition or to execute arbitrary code. (CVE-2015-7176)

- A memory corruption issue exists in the InitTextures() function. An attacker can potentially exploit this issue to cause a denial of service condition or to execute arbitrary code. (CVE-2015-7177)

- A memory corruption issue exists in ReadbackResultWriterD3D11::Run due to mishandling of the return status. An attacker can potentially exploit this issue to cause a denial of service condition or to execute arbitrary code. (CVE-2015-7180)

Solution

Upgrade to Firefox ESR 38.3 or later.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2015-96/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-110/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-111/

https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/

Plugin Details

Severity: High

ID: 86068

File Name: macosx_firefox_38_3_esr.nasl

Version: 1.8

Type: local

Agent: macosx

Published: 2015/09/22

Updated: 2019/11/20

Dependencies: 55417

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS Score Source: CVE-2015-7180

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:firefox_esr

Required KB Items: MacOSX/Firefox/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/09/22

Vulnerability Publication Date: 2015/09/22

Reference Information

CVE: CVE-2015-4500, CVE-2015-4501, CVE-2015-4506, CVE-2015-4509, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180