Test ID:	1.3.6.1.4.1.25623.1.2.1.2012.85
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2012-85) - Linux
Summary:	This host is missing a security update for Mozilla Firefox.
Description:	Summary: This host is missing a security update for Mozilla Firefox. Vulnerability Insight: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team discovered a series of use-after-free, buffer overflow, and out of bounds read issues using the Address Sanitizer tool in shipped software. These issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting two additional use-after-free flaws introduced during Firefox 16 development and fixed before general release. Affected Software/OS: Firefox version(s) below 16. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3995 BugTraq ID: 56136 http://www.securityfocus.com/bid/56136 http://www.mandriva.com/security/advisories?name=MDVSA-2012:163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16808 RedHat Security Advisories: RHSA-2012:1351 http://rhn.redhat.com/errata/RHSA-2012-1351.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50936 http://secunia.com/advisories/50984 http://secunia.com/advisories/55318 SuSE Security Announcement: SUSE-SU-2012:1351 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://www.ubuntu.com/usn/USN-1611-1 XForce ISS Database: firefox-iscsswordspacingspace-code-exec(79156) https://exchange.xforce.ibmcloud.com/vulnerabilities/79156 Common Vulnerability Exposure (CVE) ID: CVE-2012-4179 Debian Security Information: DSA-2565 (Google Search) http://www.debian.org/security/2012/dsa-2565 Debian Security Information: DSA-2569 (Google Search) http://www.debian.org/security/2012/dsa-2569 Debian Security Information: DSA-2572 (Google Search) http://www.debian.org/security/2012/dsa-2572 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882 http://secunia.com/advisories/51181 XForce ISS Database: firefox-createcsspropertytxn-code-exec(79157) https://exchange.xforce.ibmcloud.com/vulnerabilities/79157 Common Vulnerability Exposure (CVE) ID: CVE-2012-4180 http://osvdb.org/86099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16428 XForce ISS Database: firefox-isprevcharinnode-bo(79158) https://exchange.xforce.ibmcloud.com/vulnerabilities/79158 Common Vulnerability Exposure (CVE) ID: CVE-2012-4181 BugTraq ID: 56130 http://www.securityfocus.com/bid/56130 http://osvdb.org/86100 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16523 XForce ISS Database: firefox-nssmilanimationcontroller-code-exec(79159) https://exchange.xforce.ibmcloud.com/vulnerabilities/79159 Common Vulnerability Exposure (CVE) ID: CVE-2012-4182 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16191 XForce ISS Database: firefox-nstexteditrules-code-exec(79160) https://exchange.xforce.ibmcloud.com/vulnerabilities/79160 Common Vulnerability Exposure (CVE) ID: CVE-2012-4183 BugTraq ID: 56140 http://www.securityfocus.com/bid/56140 http://osvdb.org/86095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16850 XForce ISS Database: firefox-domsvgtests-code-exec(79161) https://exchange.xforce.ibmcloud.com/vulnerabilities/79161
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.