Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0202
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0202)
Summary:	The remote host is missing an update for the 'firefox, firefox-l10n, nspr' package(s) announced via the MGASA-2018-0202 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nspr' package(s) announced via the MGASA-2018-0202 advisory. Vulnerability Insight: Memory safety bugs fixed in Firefox ESR 52.7 (CVE-2018-5125). Buffer overflow manipulating SVG animatedPathSegList (CVE-2018-5127). Out-of-bounds write with malformed IPC messages (CVE-2018-5129). Mismatched RTP payload type can trigger memory corruption (CVE-2018-5130). Fetch API improperly returns cached copies of no-store/no-cache resources (CVE-2018-5131). Integer overflow during Unicode conversion (CVE-2018-5144). Memory safety bugs fixed in Firefox ESR 52.7 (CVE-2018-5145). A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash (CVE-2018-5148). Affected Software/OS: 'firefox, firefox-l10n, nspr' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5125 BugTraq ID: 103388 http://www.securityfocus.com/bid/103388 Debian Security Information: DSA-4139 (Google Search) https://www.debian.org/security/2018/dsa-4139 Debian Security Information: DSA-4155 (Google Search) https://www.debian.org/security/2018/dsa-4155 https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/201811-13 https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html RedHat Security Advisories: RHSA-2018:0526 https://access.redhat.com/errata/RHSA-2018:0526 RedHat Security Advisories: RHSA-2018:0527 https://access.redhat.com/errata/RHSA-2018:0527 RedHat Security Advisories: RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0647 RedHat Security Advisories: RHSA-2018:0648 https://access.redhat.com/errata/RHSA-2018:0648 http://www.securitytracker.com/id/1040514 https://usn.ubuntu.com/3545-1/ https://usn.ubuntu.com/3596-1/ https://usn.ubuntu.com/3688-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-5127 Common Vulnerability Exposure (CVE) ID: CVE-2018-5129 Common Vulnerability Exposure (CVE) ID: CVE-2018-5130 Common Vulnerability Exposure (CVE) ID: CVE-2018-5131 Common Vulnerability Exposure (CVE) ID: CVE-2018-5144 BugTraq ID: 103384 http://www.securityfocus.com/bid/103384 Common Vulnerability Exposure (CVE) ID: CVE-2018-5145 Common Vulnerability Exposure (CVE) ID: CVE-2018-5148 BugTraq ID: 103506 http://www.securityfocus.com/bid/103506 Debian Security Information: DSA-4153 (Google Search) https://www.debian.org/security/2018/dsa-4153 https://lists.debian.org/debian-lts-announce/2018/03/msg00023.html RedHat Security Advisories: RHSA-2018:1098 https://access.redhat.com/errata/RHSA-2018:1098 RedHat Security Advisories: RHSA-2018:1099 https://access.redhat.com/errata/RHSA-2018:1099 http://www.securitytracker.com/id/1040574 https://usn.ubuntu.com/3609-1/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.