Test ID:	1.3.6.1.4.1.25623.1.1.10.2019.0376
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2019-0376)
Summary:	The remote host is missing an update for the 'firefox, firefox-l10n, nspr' package(s) announced via the MGASA-2019-0376 advisory.
Description:	Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nspr' package(s) announced via the MGASA-2019-0376 advisory. Vulnerability Insight: Updated firefox packages fix security vulnerabilities: Stack corruption due to incorrect number of arguments in WebRTC code. (CVE-2019-13722) Buffer overflow in plain text serializer. (CVE-2019-17005) Use-after-free in worker destruction. (CVE-2019-17008) Updater temporary files accessible to unprivileged processes. (CVE-2019-17009) Use-after-free when performing device orientation checks. (CVE-2019-17010) Use-after-free when retrieving a document in antitracking. (CVE-2019-17011) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3. (CVE-2019-17012) Affected Software/OS: 'firefox, firefox-l10n, nspr' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13722 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025089 Common Vulnerability Exposure (CVE) ID: CVE-2019-17005 https://security.gentoo.org/glsa/202003-02 https://security.gentoo.org/glsa/202003-10 https://bugzilla.mozilla.org/show_bug.cgi?id=1584170 RedHat Security Advisories: RHSA-2020:0292 https://access.redhat.com/errata/RHSA-2020:0292 RedHat Security Advisories: RHSA-2020:0295 https://access.redhat.com/errata/RHSA-2020:0295 SuSE Security Announcement: openSUSE-SU-2020:0002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html SuSE Security Announcement: openSUSE-SU-2020:0003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html https://usn.ubuntu.com/4241-1/ https://usn.ubuntu.com/4335-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-17008 https://bugzilla.mozilla.org/show_bug.cgi?id=1546331 Common Vulnerability Exposure (CVE) ID: CVE-2019-17009 https://bugzilla.mozilla.org/show_bug.cgi?id=1510494 Common Vulnerability Exposure (CVE) ID: CVE-2019-17010 https://bugzilla.mozilla.org/show_bug.cgi?id=1581084 Common Vulnerability Exposure (CVE) ID: CVE-2019-17011 https://bugzilla.mozilla.org/show_bug.cgi?id=1591334 Common Vulnerability Exposure (CVE) ID: CVE-2019-17012 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1449736%2C1533957%2C1560667%2C1567209%2C1580288%2C1585760%2C1592502
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.