Test ID:	1.3.6.1.4.1.25623.1.1.10.2019.0116
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2019-0116)
Summary:	The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) announced via the MGASA-2019-0116 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) announced via the MGASA-2019-0116 advisory. Vulnerability Insight: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506). Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788). Use-after-free when removing in-use DOM elements (CVE-2019-9790). Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791). IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792). Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793). Type-confusion in IonMonkey JIT compiler (CVE-2019-9795). Use-after-free with SMIL animation controller (CVE-2019-9796). Affected Software/OS: 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-18506 BugTraq ID: 106773 http://www.securityfocus.com/bid/106773 Bugtraq: 20190320 [SECURITY] [DSA 4411-1] firefox-esr security update (Google Search) https://seclists.org/bugtraq/2019/Mar/28 Bugtraq: 20190401 [SECURITY] [DSA 4420-1] thunderbird security update (Google Search) https://seclists.org/bugtraq/2019/Apr/0 Debian Security Information: DSA-4411 (Google Search) https://www.debian.org/security/2019/dsa-4411 Debian Security Information: DSA-4420 (Google Search) https://www.debian.org/security/2019/dsa-4420 https://security.gentoo.org/glsa/201904-07 https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html https://lists.debian.org/debian-lts-announce/2019/04/msg00000.html RedHat Security Advisories: RHSA-2019:0622 https://access.redhat.com/errata/RHSA-2019:0622 RedHat Security Advisories: RHSA-2019:0623 https://access.redhat.com/errata/RHSA-2019:0623 RedHat Security Advisories: RHSA-2019:0680 https://access.redhat.com/errata/RHSA-2019:0680 RedHat Security Advisories: RHSA-2019:0681 https://access.redhat.com/errata/RHSA-2019:0681 RedHat Security Advisories: RHSA-2019:0966 https://access.redhat.com/errata/RHSA-2019:0966 RedHat Security Advisories: RHSA-2019:1144 https://access.redhat.com/errata/RHSA-2019:1144 SuSE Security Announcement: openSUSE-SU-2019:1056 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html SuSE Security Announcement: openSUSE-SU-2019:1077 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00043.html SuSE Security Announcement: openSUSE-SU-2019:1126 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html SuSE Security Announcement: openSUSE-SU-2019:1162 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html https://usn.ubuntu.com/3874-1/ https://usn.ubuntu.com/3927-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9788 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1518001%2C1521304%2C1521214%2C1506665%2C1516834%2C1518774%2C1524755%2C1523362%2C1524214%2C1529203 https://www.mozilla.org/security/advisories/mfsa2019-07/ https://www.mozilla.org/security/advisories/mfsa2019-08/ https://www.mozilla.org/security/advisories/mfsa2019-11/ Common Vulnerability Exposure (CVE) ID: CVE-2019-9790 https://bugzilla.mozilla.org/show_bug.cgi?id=1525145 Common Vulnerability Exposure (CVE) ID: CVE-2019-9791 https://bugzilla.mozilla.org/show_bug.cgi?id=1530958 Common Vulnerability Exposure (CVE) ID: CVE-2019-9792 http://packetstormsecurity.com/files/153106/Spidermonkey-IonMonkey-JS_OPTIMIZED_OUT-Value-Leak.html https://bugzilla.mozilla.org/show_bug.cgi?id=1532599 Common Vulnerability Exposure (CVE) ID: CVE-2019-9793 https://bugzilla.mozilla.org/show_bug.cgi?id=1528829 Common Vulnerability Exposure (CVE) ID: CVE-2019-9795 https://bugzilla.mozilla.org/show_bug.cgi?id=1514682 Common Vulnerability Exposure (CVE) ID: CVE-2019-9796 https://bugzilla.mozilla.org/show_bug.cgi?id=1531277
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.