The version of Firefox installed on the remote host is prior to 65.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-04 advisory:
- A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. (CVE-2018-18356)
- An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. (CVE-2019-5785)
- Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. Note: This only affects Firefox 65. Previous versions are unaffected. (CVE-2018-18511)
Note that Nessus Network Monitor has not tested for this issue but has instead relied only on the application’s self-reported version number.