Test ID:	1.3.6.1.4.1.25623.1.0.850690
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1658-1)
Summary:	The remote host is missing an update for the 'MozillaFirefox'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the referenced advisory. Vulnerability Insight: MozillaFirefox was updated to Firefox 41.0 (bnc#947003) Security issues fixed: * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards * MFSA 2015-97/CVE-2015-4503 (bmo#994337) Memory leak in mozTCPSocket to servers * MFSA 2015-98/CVE-2015-4504 (bmo#1132467) Out of bounds read in QCMS library with ICC V4 profile attributes * MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only) Site attribute spoofing on Android by pasting URL with unknown scheme * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only) Arbitrary file manipulation by local user through Mozilla updater * MFSA 2015-101/CVE-2015-4506 (bmo#1192226) Buffer overflow in libvpx while parsing vp9 format video * MFSA 2015-102/CVE-2015-4507 (bmo#1192401) Crash when using debugger with SavedStacks in JavaScript * MFSA 2015-103/CVE-2015-4508 (bmo#1195976) URL spoofing in reader mode * MFSA 2015-104/CVE-2015-4510 (bmo#1200004) Use-after-free with shared workers and IndexedDB * MFSA 2015-105/CVE-2015-4511 (bmo#1200148) Buffer overflow while decoding WebM video * MFSA 2015-106/CVE-2015-4509 (bmo#1198435) Use-after-free while manipulating HTML media content * MFSA 2015-107/CVE-2015-4512 (bmo#1170390) Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems * MFSA 2015-108/CVE-2015-4502 (bmo#1105045) Scripted proxies can access inner window * MFSA 2015-109/CVE-2015-4516 (bmo#904886) JavaScript immutable property enforcement can be bypassed * MFSA 2015-110/CVE-2015-4519 (bmo#1189814) Dragging and dropping images exposes final URL after redirects * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869) Errors in the handling of CORS preflight request headers * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/ CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/ CVE-2015-7180 Vulnerabilities found through code inspection * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860, bmo#1190526) (Windows only) Memory safety errors in libGLES in the ANGLE graphics library * MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only) Information disclosure via the High Resolution Time API Affected Software/OS: MozillaFirefox on openSUSE 13.2, openSUSE 13.1 Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-4476 BugTraq ID: 76815 http://www.securityfocus.com/bid/76815 http://www.securitytracker.com/id/1033640 SuSE Security Announcement: openSUSE-SU-2015:1658 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4500 BugTraq ID: 76816 http://www.securityfocus.com/bid/76816 Debian Security Information: DSA-3365 (Google Search) http://www.debian.org/security/2015/dsa-3365 RedHat Security Advisories: RHSA-2015:1834 http://rhn.redhat.com/errata/RHSA-2015-1834.html RedHat Security Advisories: RHSA-2015:1852 http://rhn.redhat.com/errata/RHSA-2015-1852.html SuSE Security Announcement: SUSE-SU-2015:1680 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00004.html SuSE Security Announcement: SUSE-SU-2015:1703 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00007.html SuSE Security Announcement: SUSE-SU-2015:2081 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html SuSE Security Announcement: openSUSE-SU-2015:1679 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00003.html SuSE Security Announcement: openSUSE-SU-2015:1681 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html http://www.ubuntu.com/usn/USN-2743-1 http://www.ubuntu.com/usn/USN-2743-2 http://www.ubuntu.com/usn/USN-2743-3 http://www.ubuntu.com/usn/USN-2743-4 http://www.ubuntu.com/usn/USN-2754-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-4501 Common Vulnerability Exposure (CVE) ID: CVE-2015-4502 Common Vulnerability Exposure (CVE) ID: CVE-2015-4503 Common Vulnerability Exposure (CVE) ID: CVE-2015-4504 Common Vulnerability Exposure (CVE) ID: CVE-2015-4505 Common Vulnerability Exposure (CVE) ID: CVE-2015-4506 Common Vulnerability Exposure (CVE) ID: CVE-2015-4507 Common Vulnerability Exposure (CVE) ID: CVE-2015-4508 Common Vulnerability Exposure (CVE) ID: CVE-2015-4509 http://www.zerodayinitiative.com/advisories/ZDI-15-646 Common Vulnerability Exposure (CVE) ID: CVE-2015-4510 Common Vulnerability Exposure (CVE) ID: CVE-2015-4511 Common Vulnerability Exposure (CVE) ID: CVE-2015-4512 Common Vulnerability Exposure (CVE) ID: CVE-2015-4516 Common Vulnerability Exposure (CVE) ID: CVE-2015-4517 Common Vulnerability Exposure (CVE) ID: CVE-2015-4519 Common Vulnerability Exposure (CVE) ID: CVE-2015-4520 Common Vulnerability Exposure (CVE) ID: CVE-2015-4521 Common Vulnerability Exposure (CVE) ID: CVE-2015-4522 Common Vulnerability Exposure (CVE) ID: CVE-2015-7174 Common Vulnerability Exposure (CVE) ID: CVE-2015-7175 Common Vulnerability Exposure (CVE) ID: CVE-2015-7176 Common Vulnerability Exposure (CVE) ID: CVE-2015-7177 Common Vulnerability Exposure (CVE) ID: CVE-2015-7178 Common Vulnerability Exposure (CVE) ID: CVE-2015-7179 Common Vulnerability Exposure (CVE) ID: CVE-2015-7180
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.