The host is missing an important security update according to Mozilla advisory, MFSA2016-25. The update is required to fix an use-after-free vulnerability. A flaw is present in the applications, which fails to handle WebRTC data-channel connections. Successful exploitation allows remote attackers to execute arbitrary code.
The host is missing an important security update according to Mozilla advisory, MFSA2016-28. The update is required to fix an unspecified vulnerability. A flaw is present in the applications, which fails to handle a crafted NPAPI plugin. Successful exploitation allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property.
The host is missing an important security update according to Mozilla advisory, MFSA2016-33. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to cause a denial of service (use-after-free).
The host is missing an important security update according to Mozilla advisory, MFSA2016-53. The update is required to fix an out-of-bounds write vulnerability. A flaw is present in the application, which fail to handle unknown vectors. Successful exploitation allows remote attackers to cause out-of-bounds write or crash the service due to improper size.
The host is missing a security update according to Apple advisory, APPLE-SA-2013-10-15-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a maliciously crafted untrusted Java applet. Successful exploitation could allow attackers to execute arbitrary code.
The host is missing a security update according to Apple advisory, APPLE-SA-2014-09-17-7. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service.
The host is missing a low severity security update according to Google advisory. The update is required to fix signature malleability vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation makes it easier for remote attackers to spoof RSA signatures.
The host is missing a security update according to Apple advisory, APPLE-SA-2014-11-17-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors. Successful exploitation allows attackers to execute remote code or obtain sensitive information.
The host is missing a security update according to Apple advisory, APPLE-SA-2014-10-16-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle certain vectors. Successful exploitation allows attackers to determine all the network addresses of the system or bypass a sandbox protection mechanism or execute arbitrary shell commands or ...
The host is missing a security update according to Apple advisory, APPLE-SA-2014-12-22-1. The update is required to fix an arbitrary code execution vulnerability. The flaw is present in the application, which fails to handle a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. Succes ...