New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.7
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozillaFirefox was updated to Firefox 41.0 (bnc#947003)
Security issues fixed :
- MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards
- MFSA 2015-97/CVE-2015-4503 (bmo#994337) Memory leak in mozTCPSocket to servers
- MFSA 2015-98/CVE-2015-4504 (bmo#1132467) Out of bounds read in QCMS library with ICC V4 profile attributes
- MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only) Site attribute spoofing on Android by pasting URL with unknown scheme
- MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only) Arbitrary file manipulation by local user through Mozilla updater
- MFSA 2015-101/CVE-2015-4506 (bmo#1192226) Buffer overflow in libvpx while parsing vp9 format video
- MFSA 2015-103/CVE-2015-4508 (bmo#1195976) URL spoofing in reader mode
- MFSA 2015-104/CVE-2015-4510 (bmo#1200004) Use-after-free with shared workers and IndexedDB
- MFSA 2015-105/CVE-2015-4511 (bmo#1200148) Buffer overflow while decoding WebM video
- MFSA 2015-106/CVE-2015-4509 (bmo#1198435) Use-after-free while manipulating HTML media content
- MFSA 2015-107/CVE-2015-4512 (bmo#1170390) Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems
- MFSA 2015-108/CVE-2015-4502 (bmo#1105045) Scripted proxies can access inner window
- MFSA 2015-110/CVE-2015-4519 (bmo#1189814) Dragging and dropping images exposes final URL after redirects
- MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869) Errors in the handling of CORS preflight request headers
- MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/ CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/ CVE-2015-7180 Vulnerabilities found through code inspection
- MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860, bmo#1190526) (Windows only) Memory safety errors in libGLES in the ANGLE graphics library
- MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only) Information disclosure via the High Resolution Time API
SolutionUpdate the affected MozillaFirefox packages.