The host is missing a security update according to Mozilla advisory, MFSA2016-04. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle cookie headers. Successful exploitation allows remote attackers to obtain sensitive information or execute arbitrary code.