Test Kennung:	1.3.6.1.4.1.25623.1.2.1.2016.73
Kategorie:	General
Titel:	Mozilla Firefox Security Advisory (MFSA2016-73) - Linux
Zusammenfassung:	This host is missing a security update for Mozilla Firefox.
Beschreibung:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Use-after-free in service workers with nested sync events Security researcher Looben Yang discovered a use-after-free vulnerability when working with nested sync event loops in Service Workers. He discovered a mechanism where scripts can close their own worker, which will then trigger a synchronization XMLHttpRequest on this now closed and released worker. This results in a potentially exploitable crash when triggered. Affected Software/OS: Firefox version(s) below 48. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5259 BugTraq ID: 92258 http://www.securityfocus.com/bid/92258 Debian Security Information: DSA-3640 (Google Search) http://www.debian.org/security/2016/dsa-3640 https://security.gentoo.org/glsa/201701-15 RedHat Security Advisories: RHSA-2016:1551 http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.securitytracker.com/id/1036508 SuSE Security Announcement: openSUSE-SU-2016:1964 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:2026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://www.ubuntu.com/usn/USN-3044-1
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.