Vulners
Lucene search
TencentOS Server 4: firefox (TSSA-2024:1058)
| Reporter | Title | Published | Views | Family All 555 |
|---|---|---|---|---|
 | firefox -- multiple vulnerabilities | 26 Nov 202400:00 | – | freebsd |
 | Amazon Linux 2 : firefox (ALASFIREFOX-2024-033) | 23 Dec 202400:00 | – | nessus |
| AlmaLinux 8 : thunderbird (ALSA-2024:10591) | 5 Dec 202400:00 | – | nessus |
| AlmaLinux 9 : thunderbird (ALSA-2024:10592) | 5 Dec 202400:00 | – | nessus |
| AlmaLinux 9 : firefox (ALSA-2024:10702) | 5 Dec 202400:00 | – | nessus |
| AlmaLinux 8 : firefox (ALSA-2024:10752) | 5 Dec 202400:00 | – | nessus |
| Debian dla-3969 : thunderbird - security update | 28 Nov 202400:00 | – | nessus |
| Debian dla-3971 : firefox-esr - security update | 28 Nov 202400:00 | – | nessus |
| Debian dsa-5820 : firefox-esr - security update | 27 Nov 202400:00 | – | nessus |
| Debian dsa-5821 : thunderbird - security update | 27 Nov 202400:00 | – | nessus |
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2024:1058.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(239345);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/20");
script_cve_id(
"CVE-2024-11691",
"CVE-2024-11692",
"CVE-2024-11693",
"CVE-2024-11694",
"CVE-2024-11695",
"CVE-2024-11696",
"CVE-2024-11697",
"CVE-2024-11698",
"CVE-2024-11699"
);
script_name(english:"TencentOS Server 4: firefox (TSSA-2024:1058)");
script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 4 host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1058 advisory.
Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:
CVE-2024-11699:
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs
showed evidence of memory corruption and we presume that with enough effort some of these could have been
exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5,
Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11698:
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in
fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit
fullscreen mode using standard actions like pressing Esc or accessing right-click menus, resulting in a
disrupted browsing experience until the browser is restarted.
*This bug only affects the application when running on macOS. Other operating systems are unaffected.*
This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11697:
When handling keypress events, an attacker may have been able to trick a user into bypassing the Open
Executable File? confirmation dialog. This could have led to malicious code execution. This vulnerability
affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11696:
The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on
signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have
caused runtime errors that disrupted the signature validation process. As a result, the enforcement of
signature validation for unrelated add-ons may have been bypassed. Signature validation in this context
is used to ensure that third-party applications on the user's computer have not tampered with the user's
extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR <
128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11695:
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the
page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR <
128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11694:
Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and
DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have
exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox <
133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11693:
The executable file warning was not presented when downloading .library-ms files.
*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* This
vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11692:
An attacker could cause a select dropdown to be shown over another tab; this could have led to user
confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5,
Thunderbird < 133, and Thunderbird < 128.5.
CVE-2024-11691:
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and
memory corruption due to a flaw in Apple's GPU driver.
*This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This
vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and
Thunderbird < 128.5.
Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20241058.xml");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-11699");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2024-11698");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/12/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/12/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/06/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:firefox");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tencent Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl");
script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 4.x', 'TencentOS ' + os_version);
if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);
var constraints = [
{
'release': '4',
'pkgs': [
{'reference':'firefox-128.5.1-1.tl4.ap.1', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-128.5.1-1.tl4.ap.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-debuginfo-128.5.1-1.tl4.ap.1', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-debuginfo-128.5.1-1.tl4.ap.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-debugsource-128.5.1-1.tl4.ap.1', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-debugsource-128.5.1-1.tl4.ap.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-x11-128.5.1-1.tl4.ap.1', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},
{'reference':'firefox-x11-128.5.1-1.tl4.ap.1', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox / firefox-debuginfo / firefox-debugsource / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Nov 2025 00:00Current
7.8High risk
Vulners AI Score7.8
CVSS 3.19.8
EPSS0.00393
SSVC