Test ID:	1.3.6.1.4.1.25623.1.0.71511
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: firefox
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: firefox linux-firefox linux-seamonkey linux-thunderbird seamonkey thunderbird libxul CVE-2012-1949 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thunderbird 5.0 through 13.0, and SeaMonkey before 2.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2012-1950 The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. CVE-2012-1951 Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code by interacting with objects used for SMIL Timing. CVE-2012-1952 The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site. Text truncated. Please see the references for more information. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1949 BugTraq ID: 54580 http://www.securityfocus.com/bid/54580 http://osvdb.org/84006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17027 http://www.securitytracker.com/id?1027256 http://www.securitytracker.com/id?1027257 http://www.securitytracker.com/id?1027258 http://secunia.com/advisories/49965 http://secunia.com/advisories/49968 http://secunia.com/advisories/49972 http://secunia.com/advisories/49992 http://secunia.com/advisories/49993 http://secunia.com/advisories/49994 SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0917 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2 http://www.ubuntu.com/usn/USN-1510-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1950 Debian Security Information: DSA-2514 (Google Search) http://www.debian.org/security/2012/dsa-2514 Debian Security Information: DSA-2528 (Google Search) http://www.debian.org/security/2012/dsa-2528 http://osvdb.org/84008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970 RedHat Security Advisories: RHSA-2012:1088 http://rhn.redhat.com/errata/RHSA-2012-1088.html http://secunia.com/advisories/49964 http://secunia.com/advisories/49979 Common Vulnerability Exposure (CVE) ID: CVE-2012-1951 BugTraq ID: 54578 http://www.securityfocus.com/bid/54578 http://osvdb.org/83997 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16077 http://secunia.com/advisories/49977 Common Vulnerability Exposure (CVE) ID: CVE-2012-1952 http://osvdb.org/83999 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16942 Common Vulnerability Exposure (CVE) ID: CVE-2012-1953 http://osvdb.org/83998 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16894 Common Vulnerability Exposure (CVE) ID: CVE-2012-1954 http://osvdb.org/83995 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984 http://secunia.com/advisories/49963 Common Vulnerability Exposure (CVE) ID: CVE-2012-1955 BugTraq ID: 54586 http://www.securityfocus.com/bid/54586 http://osvdb.org/83996 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17004 Common Vulnerability Exposure (CVE) ID: CVE-2012-1957 BugTraq ID: 54583 http://www.securityfocus.com/bid/54583 http://osvdb.org/84000 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16844 Common Vulnerability Exposure (CVE) ID: CVE-2012-1958 BugTraq ID: 54574 http://www.securityfocus.com/bid/54574 http://osvdb.org/84001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16434 Common Vulnerability Exposure (CVE) ID: CVE-2012-1959 BugTraq ID: 54576 http://www.securityfocus.com/bid/54576 http://osvdb.org/84002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16920 Common Vulnerability Exposure (CVE) ID: CVE-2012-1960 BugTraq ID: 54572 http://www.securityfocus.com/bid/54572 http://osvdb.org/84010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16735 Common Vulnerability Exposure (CVE) ID: CVE-2012-1961 BugTraq ID: 54584 http://www.securityfocus.com/bid/54584 http://osvdb.org/84003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16993 Common Vulnerability Exposure (CVE) ID: CVE-2012-1962 BugTraq ID: 54575 http://www.securityfocus.com/bid/54575 http://osvdb.org/84004 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16729 Common Vulnerability Exposure (CVE) ID: CVE-2012-1963 BugTraq ID: 54582 http://www.securityfocus.com/bid/54582 http://osvdb.org/84005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17056 Common Vulnerability Exposure (CVE) ID: CVE-2012-1964 BugTraq ID: 54581 http://www.securityfocus.com/bid/54581 http://osvdb.org/84011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16783 Common Vulnerability Exposure (CVE) ID: CVE-2012-1965 BugTraq ID: 54579 http://www.securityfocus.com/bid/54579 http://osvdb.org/84012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17001 Common Vulnerability Exposure (CVE) ID: CVE-2012-1966 BugTraq ID: 54577 http://www.securityfocus.com/bid/54577 http://osvdb.org/84009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17037 Common Vulnerability Exposure (CVE) ID: CVE-2012-1967 BugTraq ID: 54573 http://www.securityfocus.com/bid/54573 http://osvdb.org/84013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.