Test Kennung:	1.3.6.1.4.1.25623.1.0.809327
Kategorie:	General
Titel:	Mozilla Firefox ESR Security Update (mfsa_2016-85_2016-86) - Mac OS X
Zusammenfassung:	Mozilla Firefox ESR is prone to multiple vulnerabilities.
Beschreibung:	Summary: Mozilla Firefox ESR is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString. - Bad cast in nsImageGeometryMixin. - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList. - Use-after-free in nsFrameManager::CaptureFrameState. - Heap-use-after-free in nsRefreshDriver::Tick. - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame. - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap. - Use-after-free in DOMSVGLength. - Add-on update site certificate pin expiration. - Resource Timing API is storing resources sent by the previous page. - Integer overflow and memory corruption in WebSocketChannel - Memory safety bugs. Vulnerability Impact: Successful exploitation of these vulnerabilities allow remote attackers to cause a denial of service, to execute arbitrary code, to obtain sensitive full-pathname information. Affected Software/OS: Mozilla Firefox ESR versions before 45.4. Solution: Update to version 45.4 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5270 BugTraq ID: 93049 http://www.securityfocus.com/bid/93049 Debian Security Information: DSA-3674 (Google Search) http://www.debian.org/security/2016/dsa-3674 https://security.gentoo.org/glsa/201701-15 RedHat Security Advisories: RHSA-2016:1912 http://rhn.redhat.com/errata/RHSA-2016-1912.html http://www.securitytracker.com/id/1036852 Common Vulnerability Exposure (CVE) ID: CVE-2016-5272 Common Vulnerability Exposure (CVE) ID: CVE-2016-5276 Common Vulnerability Exposure (CVE) ID: CVE-2016-5274 Common Vulnerability Exposure (CVE) ID: CVE-2016-5277 Common Vulnerability Exposure (CVE) ID: CVE-2016-5278 Common Vulnerability Exposure (CVE) ID: CVE-2016-5280 Common Vulnerability Exposure (CVE) ID: CVE-2016-5281 http://www.geeknik.net/7gr1u98b9 Common Vulnerability Exposure (CVE) ID: CVE-2016-5284 https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95 http://seclists.org/dailydave/2016/q3/51 Common Vulnerability Exposure (CVE) ID: CVE-2016-5250 BugTraq ID: 92260 http://www.securityfocus.com/bid/92260 http://www.securitytracker.com/id/1036508 SuSE Security Announcement: openSUSE-SU-2016:1964 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:2026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html http://www.ubuntu.com/usn/USN-3044-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5261 Common Vulnerability Exposure (CVE) ID: CVE-2016-5257 Debian Security Information: DSA-3690 (Google Search) http://www.debian.org/security/2016/dsa-3690 RedHat Security Advisories: RHSA-2016:1985 http://rhn.redhat.com/errata/RHSA-2016-1985.html
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.