Test Kennung:	1.3.6.1.4.1.25623.1.0.806551
Kategorie:	General
Titel:	Mozilla Firefox Multiple Vulnerabilities - Nov15 (Mac OS X)
Zusammenfassung:	This host is installed with Mozilla; Firefox and is prone to multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are exists due to: - Lack of status checking in CryptoKey interface implementation. - Lack of status checking in 'AddWeightedPathSegLists' and 'SVGPathSegListSMILType::Interpolate' functions. - Buffer overflow in the 'rx::TextureStorage11' class in ANGLE graphics library. - An error in 'web worker' when creating WebSockets. - Java plugin can deallocate a JavaScript wrapper when it is still in use, which leads to a JavaScript garbage collection crash. - An error in URL parsing implementation. - Buffer underflow in 'libjar' triggered through a maliciously crafted ZIP format file. - An error in implementation of CORS cross-origin request algorithm - Buffer overflow in the 'JPEGEncoder' function during script interactions with a canvas element. - Trailing whitespaces are evaluated differently when parsing IP addresses instead of alphanumeric hostnames. - Error in 'Add-on SDK' in while creating panel. - Error in Reader View implementation in Mozilla Firefox. - Error in NTLM-based HTTP authentication. - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox. - NSS and NSPR Multiple memory corruption issues in NSS and NSPR. - An error in how HTML tables are exposed to accessibility tools. Vulnerability Impact: Successful exploitation will allow remote attackers to cause a denial of service, bypass security restrictions, to obtain sensitive information, execute arbitrary script code in a user's browser session and some unspecified impacts. Affected Software/OS: Mozilla Firefox version before 42.0 on Mac OS X Solution: Upgrade to Mozilla Firefox version 42.0 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 77412 BugTraq ID: 77415 BugTraq ID: 77416 Common Vulnerability Exposure (CVE) ID: CVE-2015-7200 BugTraq ID: 77411 http://www.securityfocus.com/bid/77411 Debian Security Information: DSA-3393 (Google Search) http://www.debian.org/security/2015/dsa-3393 Debian Security Information: DSA-3410 (Google Search) http://www.debian.org/security/2015/dsa-3410 https://security.gentoo.org/glsa/201512-10 RedHat Security Advisories: RHSA-2015:1982 http://rhn.redhat.com/errata/RHSA-2015-1982.html RedHat Security Advisories: RHSA-2015:2519 http://rhn.redhat.com/errata/RHSA-2015-2519.html http://www.securitytracker.com/id/1034069 SuSE Security Announcement: SUSE-SU-2015:1926 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html SuSE Security Announcement: SUSE-SU-2015:1978 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html SuSE Security Announcement: SUSE-SU-2015:1981 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html SuSE Security Announcement: SUSE-SU-2015:2081 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html SuSE Security Announcement: openSUSE-SU-2015:1942 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:2229 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html SuSE Security Announcement: openSUSE-SU-2015:2245 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html http://www.ubuntu.com/usn/USN-2785-1 http://www.ubuntu.com/usn/USN-2819-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-7199 Common Vulnerability Exposure (CVE) ID: CVE-2015-7198 Common Vulnerability Exposure (CVE) ID: CVE-2015-7197 Common Vulnerability Exposure (CVE) ID: CVE-2015-7196 Common Vulnerability Exposure (CVE) ID: CVE-2015-7195 Common Vulnerability Exposure (CVE) ID: CVE-2015-7194 Common Vulnerability Exposure (CVE) ID: CVE-2015-7193 Common Vulnerability Exposure (CVE) ID: CVE-2015-7189 Common Vulnerability Exposure (CVE) ID: CVE-2015-7188 Common Vulnerability Exposure (CVE) ID: CVE-2015-7187 Common Vulnerability Exposure (CVE) ID: CVE-2015-4518 Common Vulnerability Exposure (CVE) ID: CVE-2015-4515 Common Vulnerability Exposure (CVE) ID: CVE-2015-4514 Common Vulnerability Exposure (CVE) ID: CVE-2015-4513 Common Vulnerability Exposure (CVE) ID: CVE-2015-7183 http://www.securityfocus.com/bid/77415 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3406 (Google Search) http://www.debian.org/security/2015/dsa-3406 https://security.gentoo.org/glsa/201605-06 http://packetstormsecurity.com/files/134268/Slackware-Security-Advisory-mozilla-nss-Updates.html RedHat Security Advisories: RHSA-2015:1980 http://rhn.redhat.com/errata/RHSA-2015-1980.html RedHat Security Advisories: RHSA-2015:1981 http://rhn.redhat.com/errata/RHSA-2015-1981.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.399753 http://www.ubuntu.com/usn/USN-2790-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-7182 http://www.securityfocus.com/bid/77416 Debian Security Information: DSA-3688 (Google Search) http://www.debian.org/security/2016/dsa-3688 http://www.ubuntu.com/usn/USN-2791-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-7181 Common Vulnerability Exposure (CVE) ID: CVE-2015-7192
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.