ID de Prueba:	1.3.6.1.4.1.25623.1.0.808642
Categoría:	General
Título:	Mozilla Firefox ESR Security Update (mfsa_2016-62_2016-84) - Windows
Resumen:	Mozilla Firefox ESR is prone to multiple vulnerabilities.
Descripción:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - The nsDisplayList::HitTest function mishandles rendering display transformation. - The Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function. - The Use-after-free vulnerability in the WebRTC socket thread. - The Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function. - The Use-after-free vulnerability in the nsXULPopupManager::KeyDown function. - The Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function. - The Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function. - Multiple unspecified vulnerabilities in the browser enginee. Vulnerability Impact: Successful exploitation of this vulnerability to bypass the same origin policy, to conduct Universal XSS (UXSS) attacks, to execute arbitrary code or cause a denial of service and to obtain sensitive information. Affected Software/OS: Mozilla Firefox ESR version 45.x before 45.3. Solution: Update to version 45.3 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5265 BugTraq ID: 92258 http://www.securityfocus.com/bid/92258 Debian Security Information: DSA-3640 (Google Search) http://www.debian.org/security/2016/dsa-3640 https://security.gentoo.org/glsa/201701-15 RedHat Security Advisories: RHSA-2016:1551 http://rhn.redhat.com/errata/RHSA-2016-1551.html http://www.securitytracker.com/id/1036508 SuSE Security Announcement: openSUSE-SU-2016:1964 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:2026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://www.ubuntu.com/usn/USN-3044-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5264 Common Vulnerability Exposure (CVE) ID: CVE-2016-5263 Common Vulnerability Exposure (CVE) ID: CVE-2016-2837 http://www.zerodayinitiative.com/advisories/ZDI-16-673 Common Vulnerability Exposure (CVE) ID: CVE-2016-5262 Common Vulnerability Exposure (CVE) ID: CVE-2016-5259 Common Vulnerability Exposure (CVE) ID: CVE-2016-5258 Common Vulnerability Exposure (CVE) ID: CVE-2016-5254 BugTraq ID: 92261 http://www.securityfocus.com/bid/92261 Common Vulnerability Exposure (CVE) ID: CVE-2016-5252 Common Vulnerability Exposure (CVE) ID: CVE-2016-2836 RedHat Security Advisories: RHSA-2016:1809 http://rhn.redhat.com/errata/RHSA-2016-1809.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2838 Common Vulnerability Exposure (CVE) ID: CVE-2016-2830
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.