ID RHSA-2020:4330 Type redhat Reporter RedHat Modified 2020-10-26T12:42:03
Description
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 78.4.0 ESR.
Security Fix(es):
Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)
chromium-browser: Use after free in WebRTC (CVE-2020-15969)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{"cve": [{"lastseen": "2021-02-02T07:37:00", "description": "Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-10-22T21:15:00", "title": "CVE-2020-15683", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15683"], "modified": "2020-11-02T21:15:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:opensuse:leap:15.1", "cpe:/o:opensuse:leap:15.2", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2020-15683", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15683", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:37:00", "description": "Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "edition": 14, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-03T03:15:00", "title": "CVE-2020-15969", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15969"], "modified": "2021-01-30T02:27:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:fedoraproject:fedora:32", "cpe:/a:opensuse:backports_sle:15.0", "cpe:/o:fedoraproject:fedora:33", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-15969", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15969", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2020-10-27T07:18:10", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "This update for MozillaFirefox fixes the following issues:\n\n - Firefox Extended Support Release 78.4.0 ESR\n * Fixed: Various stability, functionality, and security fixes MFSA\n 2020-46 (bsc#1177872, bsc#1176756)\n * CVE-2020-15969 Use-after-free in usersctp\n * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR\n 78.4\n * Fixed: Fixed legacy preferences not being properly applied when set\n via GPO\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-10-27T03:13:29", "published": "2020-10-27T03:13:29", "id": "OPENSUSE-SU-2020:1748-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00062.html", "title": "Security update for MozillaFirefox (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-10-25T21:02:05", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "This update for MozillaFirefox fixes the following issues:\n\n - Firefox Extended Support Release 78.4.0 ESR\n * Fixed: Various stability, functionality, and security fixes MFSA\n 2020-46 (bsc#1177872, bsc#1176756)\n * CVE-2020-15969 Use-after-free in usersctp\n * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR\n 78.4\n * Fixed: Fixed legacy preferences not being properly applied when set\n via GPO\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-10-25T18:17:08", "published": "2020-10-25T18:17:08", "id": "OPENSUSE-SU-2020:1732-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00057.html", "title": "Security update for MozillaFirefox (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-10-31T17:20:36", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15673", "CVE-2020-15677", "CVE-2020-15678", "CVE-2020-15676", "CVE-2020-15683"], "description": "This update for MozillaThunderbird and mozilla-nspr fixes the following\n issues:\n\n - Mozilla Thunderbird 78.4\n * new: MailExtensions: browser.tabs.sendMessage API added\n * new: MailExtensions: messageDisplayScripts API added\n * changed: Yahoo and AOL mail users using password authentication will\n be migrated to OAuth2\n * changed: MailExtensions: messageDisplay APIs extended to support\n multiple selected messages\n * changed: MailExtensions: compose.begin functions now support creating\n a message with attachments\n * fixed: Thunderbird could freeze when updating global search index\n * fixed: Multiple issues with handling of self-signed SSL certificates\n addressed\n * fixed: Recipient address fields in compose window could expand to fill\n all available space\n * fixed: Inserting emoji characters in message compose window caused\n unexpected behavior\n * fixed: Button to restore default folder icon color was not keyboard\n accessible\n * fixed: Various keyboard navigation fixes\n * fixed: Various color-related theme fixes\n * fixed: MailExtensions: Updating attachments with\n onBeforeSend.addListener() did not work MFSA 2020-47 (bsc#1177977)\n * CVE-2020-15969 Use-after-free in usersctp\n * CVE-2020-15683 Memory safety bugs fixed in Thunderbird 78.4\n - Mozilla Thunderbird 78.3.3\n * OpenPGP: Improved support for encrypting with subkeys\n * OpenPGP message status icons were not visible in message header pane\n * Creating a new calendar event did not require an event title\n - Mozilla Thunderbird 78.3.2 (bsc#1176899)\n * OpenPGP: Improved support for encrypting with subkeys\n * OpenPGP: Encrypted messages with international characters were\n sometimes displayed incorrectly\n * Single-click deletion of recipient pills with middle mouse button\n restored\n * Searching an address book list did not display results\n * Dark mode, high contrast, and Windows theming fixes\n - Mozilla Thunderbird 78.3.1\n * fix crash in nsImapProtocol::CreateNewLineFromSocket\n - Mozilla Thunderbird 78.3.0 MFSA 2020-44 (bsc#1176756)\n * CVE-2020-15677 Download origin spoofing via redirect\n * CVE-2020-15676 XSS when pasting attacker-controlled data into a\n contenteditable element\n * CVE-2020-15678 When recursing through layers while scrolling, an\n iterator may have become invalid, resulting in a potential use-after-\n free scenario\n * CVE-2020-15673 Memory safety bugs fixed in Thunderbird 78.3\n\n - update mozilla-nspr to version 4.25.1\n * The macOS platform code for shared library loading was changed to\n support macOS 11.\n * Dependency needed for the MozillaThunderbird udpate\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-10-31T15:14:43", "published": "2020-10-31T15:14:43", "id": "OPENSUSE-SU-2020:1785-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00077.html", "title": "Security update for MozillaThunderbird and mozilla-nspr (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-31T05:16:36", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15673", "CVE-2020-15677", "CVE-2020-15678", "CVE-2020-15676", "CVE-2020-15683"], "description": "This update for MozillaThunderbird and mozilla-nspr fixes the following\n issues:\n\n - Mozilla Thunderbird 78.4\n * new: MailExtensions: browser.tabs.sendMessage API added\n * new: MailExtensions: messageDisplayScripts API added\n * changed: Yahoo and AOL mail users using password authentication will\n be migrated to OAuth2\n * changed: MailExtensions: messageDisplay APIs extended to support\n multiple selected messages\n * changed: MailExtensions: compose.begin functions now support creating\n a message with attachments\n * fixed: Thunderbird could freeze when updating global search index\n * fixed: Multiple issues with handling of self-signed SSL certificates\n addressed\n * fixed: Recipient address fields in compose window could expand to fill\n all available space\n * fixed: Inserting emoji characters in message compose window caused\n unexpected behavior\n * fixed: Button to restore default folder icon color was not keyboard\n accessible\n * fixed: Various keyboard navigation fixes\n * fixed: Various color-related theme fixes\n * fixed: MailExtensions: Updating attachments with\n onBeforeSend.addListener() did not work MFSA 2020-47 (bsc#1177977)\n * CVE-2020-15969 Use-after-free in usersctp\n * CVE-2020-15683 Memory safety bugs fixed in Thunderbird 78.4\n - Mozilla Thunderbird 78.3.3\n * OpenPGP: Improved support for encrypting with subkeys\n * OpenPGP message status icons were not visible in message header pane\n * Creating a new calendar event did not require an event title\n - Mozilla Thunderbird 78.3.2 (bsc#1176899)\n * OpenPGP: Improved support for encrypting with subkeys\n * OpenPGP: Encrypted messages with international characters were\n sometimes displayed incorrectly\n * Single-click deletion of recipient pills with middle mouse button\n restored\n * Searching an address book list did not display results\n * Dark mode, high contrast, and Windows theming fixes\n - Mozilla Thunderbird 78.3.1\n * fix crash in nsImapProtocol::CreateNewLineFromSocket\n - Mozilla Thunderbird 78.3.0 MFSA 2020-44 (bsc#1176756)\n * CVE-2020-15677 Download origin spoofing via redirect\n * CVE-2020-15676 XSS when pasting attacker-controlled data into a\n contenteditable element\n * CVE-2020-15678 When recursing through layers while scrolling, an\n iterator may have become invalid, resulting in a potential use-after-\n free scenario\n * CVE-2020-15673 Memory safety bugs fixed in Thunderbird 78.3\n\n - update mozilla-nspr to version 4.25.1\n * The macOS platform code for shared library loading was changed to\n support macOS 11.\n * Dependency needed for the MozillaThunderbird udpate\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-10-31T03:14:30", "published": "2020-10-31T03:14:30", "id": "OPENSUSE-SU-2020:1780-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00074.html", "title": "Security update for MozillaThunderbird and mozilla-nspr (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-10-28T13:24:05", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4780-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nOctober 25, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : thunderbird\nCVE ID : CVE-2020-15683 CVE-2020-15969\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code or denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:78.4.0-1~deb10u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2020-10-25T16:30:27", "published": "2020-10-25T16:30:27", "id": "DEBIAN:DSA-4780-1:EA32B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00187.html", "title": "[SECURITY] [DSA 4780-1] thunderbird security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-11T01:34:50", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2411-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Emilio Pozuelo Monfort\nOctober 21, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nVersion : 78.4.0esr-1~deb9u1\nCVE ID : CVE-2020-15683 CVE-2020-15969\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode.\n\nFor Debian 9 stretch, these problems have been fixed in version\n78.4.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 4, "modified": "2020-10-21T21:48:16", "published": "2020-10-21T21:48:16", "id": "DEBIAN:DLA-2411-1:64F1E", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202010/msg00023.html", "title": "[SECURITY] [DLA 2411-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T13:24:34", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2416-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Emilio Pozuelo Monfort\nOctober 27, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : thunderbird\nVersion : 1:78.4.0-1~deb9u1\nCVE ID : CVE-2020-15683 CVE-2020-15969\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code or denial of service.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:78.4.0-1~deb9u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 2, "modified": "2020-10-27T07:43:33", "published": "2020-10-27T07:43:33", "id": "DEBIAN:DLA-2416-1:96D00", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202010/msg00027.html", "title": "[SECURITY] [DLA 2416-1] thunderbird security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T13:15:19", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4778-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nOctober 21, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nCVE ID : CVE-2020-15683 CVE-2020-15969\n\nMultiple security issues have been found in the Mozilla Firefox web\nbrowser, which could potentially result in the execution of arbitrary\ncode.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 78.4.0esr-1~deb10u2.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2020-10-21T20:34:06", "published": "2020-10-21T20:34:06", "id": "DEBIAN:DSA-4778-1:FE1B0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00185.html", "title": "[SECURITY] [DSA 4778-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2020-10-28T05:16:22", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "### Background\n\nMozilla Firefox is a popular open-source web browser from the Mozilla project. \n\nMozilla Thunderbird is a popular open-source email client from the Mozilla project. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-82.0\"\n \n\nAll Mozilla Firefox (bin) users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-82.0\"\n \n\nAll Mozilla Firefox ESR users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/firefox-78.4.0:0/esr78\"\n \n\nAll Mozilla Firefox ESR (bin) users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-client/firefox-bin-78.4.0:0/esr78\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-78.4.0\"\n \n\nAll Mozilla Thunderbird (bin) users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-78.4.0\"", "edition": 1, "modified": "2020-10-28T00:00:00", "published": "2020-10-28T00:00:00", "id": "GLSA-202010-08", "href": "https://security.gentoo.org/glsa/202010-08", "title": "Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2020-10-29T19:16:57", "bulletinFamily": "info", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "### *Detect date*:\n10/20/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code.\n\n### *Affected products*:\nMozilla Firefox ESR earlier than 78.4\n\n### *Solution*:\nUpdate to the latest version \n[Download Firefox ESR](<https://www.mozilla.org/en-US/firefox/all/#product-desktop-esr>)\n\n### *Original advisories*:\n[MFSA2020-46](<https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox ESR](<https://threats.kaspersky.com/en/product/Mozilla-Firefox-ESR/>)\n\n### *CVE-IDS*:\n[CVE-2020-15969](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969>)0.0Unknown \n[CVE-2020-15683](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15683>)0.0Unknown", "edition": 1, "modified": "2020-10-23T00:00:00", "published": "2020-10-20T00:00:00", "id": "KLA11983", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11983", "title": "\r KLA11983Multiple vulnerabilities in Mozilla Firefox ESR ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-03T05:32:00", "bulletinFamily": "info", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "### *Detect date*:\n10/21/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code.\n\n### *Affected products*:\nMozilla Thunderbird earlier than 78.4\n\n### *Solution*:\nUpdate to the latest version \n[Download Thunderbird](<https://www.mozilla.org/en-US/thunderbird/>)\n\n### *Original advisories*:\n[MFSA2020-47](<https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Thunderbird](<https://threats.kaspersky.com/en/product/Mozilla-Thunderbird/>)\n\n### *CVE-IDS*:\n[CVE-2020-15969](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969>)0.0Unknown \n[CVE-2020-15683](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15683>)0.0Unknown", "edition": 1, "modified": "2020-10-23T00:00:00", "published": "2020-10-21T00:00:00", "id": "KLA11987", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11987", "title": "\r KLA11987Multiple vulnerabilities in Mozilla Thunderbird ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-03T05:39:46", "bulletinFamily": "info", "cvelist": ["CVE-2020-15969", "CVE-2020-15682", "CVE-2020-15681", "CVE-2020-15680", "CVE-2020-15684", "CVE-2020-15683", "CVE-2020-15254"], "description": "### *Detect date*:\n10/20/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code.\n\n### *Affected products*:\nMozilla Firefox earlier than 82\n\n### *Solution*:\nUpdate to the latest version \n[Download Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[MFSA2020-45](<https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2020-15969](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969>)0.0Unknown \n[CVE-2020-15682](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15682>)0.0Unknown \n[CVE-2020-15254](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15254>)5.0Critical \n[CVE-2020-15680](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15680>)0.0Unknown \n[CVE-2020-15681](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15681>)0.0Unknown \n[CVE-2020-15683](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15683>)0.0Unknown \n[CVE-2020-15684](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15684>)0.0Unknown", "edition": 1, "modified": "2020-10-23T00:00:00", "published": "2020-10-20T00:00:00", "id": "KLA11982", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11982", "title": "\r KLA11982Multiple vulnerabilitieis in Mozilla Firefox ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-11-17T19:27:53", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "[78.4.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[78.4.0-1]\n- Update to 78.4.0 build1\n- Disabled telemetry\n[78.3.1-1]\n- Update to 78.3.1 build1", "edition": 1, "modified": "2020-11-17T00:00:00", "published": "2020-11-17T00:00:00", "id": "ELSA-2020-4913", "href": "http://linux.oracle.com/errata/ELSA-2020-4913.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-14T11:26:23", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "[78.4.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[78.4.0-1]\n- Update to 78.4.0 build1\n- Disabled telemetry\n[78.3.1-1]\n- Update to 78.3.1 build1\n[78.3.0-3]\n- Update to 78.3.0 build1\n- Remove librdp.so as long as we cannot ship it in RHEL\n[78.2.1-1]\n- Update to 78.2.1 build1", "edition": 1, "modified": "2020-11-14T00:00:00", "published": "2020-11-14T00:00:00", "id": "ELSA-2020-4947", "href": "http://linux.oracle.com/errata/ELSA-2020-4947.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T13:26:53", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "[78.4.0-1.0.1]\n- Remove upstream references [Orabug: 30143292]\n- Update distribution for Oracle Linux [Orabug: 30143292]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[78.4.0-1]\n- Update to 78.4.0 build2", "edition": 4, "modified": "2020-10-24T00:00:00", "published": "2020-10-24T00:00:00", "id": "ELSA-2020-4310", "href": "http://linux.oracle.com/errata/ELSA-2020-4310.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T13:26:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "[78.4.0-1.0.1]\n- Removed Upstream references\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[78.4.0-1]\n- Update to 78.4.0 build2", "edition": 3, "modified": "2020-10-26T00:00:00", "published": "2020-10-26T00:00:00", "id": "ELSA-2020-4317", "href": "http://linux.oracle.com/errata/ELSA-2020-4317.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-08T23:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "[78.4.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[78.4.0-1]\n- Update to 78.4.0 build1\n- Disabled telemetry", "edition": 1, "modified": "2020-11-06T00:00:00", "published": "2020-11-06T00:00:00", "id": "ELSA-2020-4909", "href": "http://linux.oracle.com/errata/ELSA-2020-4909.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-11-09T17:24:18", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "**CentOS Errata and Security Advisory** CESA-2020:4330\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2020-November/035817.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-11-09T13:18:25", "published": "2020-11-09T13:18:25", "id": "CESA-2020:4330", "href": "http://lists.centos.org/pipermail/centos-announce/2020-November/035817.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-07T01:38:08", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "**CentOS Errata and Security Advisory** CESA-2020:4310\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2020-November/012868.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-11-06T21:55:20", "published": "2020-11-06T21:55:20", "id": "CESA-2020:4310", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2020-November/012868.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-09T17:29:58", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "**CentOS Errata and Security Advisory** CESA-2020:4947\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2020-November/035818.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-11-09T13:18:46", "published": "2020-11-09T13:18:46", "id": "CESA-2020:4947", "href": "http://lists.centos.org/pipermail/centos-announce/2020-November/035818.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-07T01:40:44", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "description": "**CentOS Errata and Security Advisory** CESA-2020:4909\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2020-November/012869.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-11-06T21:55:27", "published": "2020-11-06T21:55:27", "id": "CESA-2020:4909", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2020-November/012869.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2020-11-04T12:16:46", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-04T15:16:00", "published": "2020-11-04T14:40:54", "id": "RHSA-2020:4909", "href": "https://access.redhat.com/errata/RHSA-2020:4909", "type": "redhat", "title": "(RHSA-2020:4909) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T10:17:24", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-23T00:39:31", "published": "2020-10-23T00:26:56", "id": "RHSA-2020:4317", "href": "https://access.redhat.com/errata/RHSA-2020:4317", "type": "redhat", "title": "(RHSA-2020:4317) Important: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-05T10:18:50", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-05T13:58:47", "published": "2020-11-05T13:24:27", "id": "RHSA-2020:4945", "href": "https://access.redhat.com/errata/RHSA-2020:4945", "type": "redhat", "title": "(RHSA-2020:4945) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T10:17:42", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-22T20:44:31", "published": "2020-10-22T20:21:27", "id": "RHSA-2020:4310", "href": "https://access.redhat.com/errata/RHSA-2020:4310", "type": "redhat", "title": "(RHSA-2020:4310) Important: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-05T10:17:13", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-05T13:47:14", "published": "2020-11-05T13:19:17", "id": "RHSA-2020:4944", "href": "https://access.redhat.com/errata/RHSA-2020:4944", "type": "redhat", "title": "(RHSA-2020:4944) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-04T14:16:42", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-04T17:19:15", "published": "2020-11-04T15:56:30", "id": "RHSA-2020:4913", "href": "https://access.redhat.com/errata/RHSA-2020:4913", "type": "redhat", "title": "(RHSA-2020:4913) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-05T10:18:12", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-05T14:07:59", "published": "2020-11-05T13:24:42", "id": "RHSA-2020:4947", "href": "https://access.redhat.com/errata/RHSA-2020:4947", "type": "redhat", "title": "(RHSA-2020:4947) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T10:17:19", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-22T21:28:59", "published": "2020-10-22T21:20:28", "id": "RHSA-2020:4315", "href": "https://access.redhat.com/errata/RHSA-2020:4315", "type": "redhat", "title": "(RHSA-2020:4315) Important: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-05T10:17:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 78.4.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-11-05T13:41:05", "published": "2020-11-05T13:24:43", "id": "RHSA-2020:4948", "href": "https://access.redhat.com/errata/RHSA-2020:4948", "type": "redhat", "title": "(RHSA-2020:4948) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T10:17:26", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15683", "CVE-2020-15969"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 78.4.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n* chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-10-22T20:27:25", "published": "2020-10-22T20:22:08", "id": "RHSA-2020:4311", "href": "https://access.redhat.com/errata/RHSA-2020:4311", "type": "redhat", "title": "(RHSA-2020:4311) Important: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-11-19T05:35:37", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4948 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-05T00:00:00", "title": "RHEL 8 : thunderbird (RHSA-2020:4948)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-11-05T00:00:00", "cpe": ["cpe:/o:redhat:rhel_tus:8.2", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/o:redhat:rhel_aus:8.2", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource", "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/a:redhat:rhel_eus:8.2::appstream"], "id": "REDHAT-RHSA-2020-4948.NASL", "href": "https://www.tenable.com/plugins/nessus/142477", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4948. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142477);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4948\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2020:4948)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4948 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1885885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debugsource packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_aus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_eus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_tus:8.2::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8\\.2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4948');\n}\n\npkgs = [\n {'reference':'thunderbird-78.4.0-1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_eus_8_2_appstream']},\n {'reference':'thunderbird-78.4.0-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_eus_8_2_appstream']},\n {'reference':'thunderbird-debugsource-78.4.0-1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_eus_8_2_appstream']},\n {'reference':'thunderbird-debugsource-78.4.0-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_2', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_eus_8_2_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debugsource');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-12T14:48:38", "description": "This update for MozillaFirefox fixes the following issues :\n\nFirefox Extended Support Release 78.4.0 ESR\n\n - Fixed: Various stability, functionality, and security\n fixes MFSA 2020-46 (bsc#1177872, bsc#1176756)\n\n - CVE-2020-15969 Use-after-free in usersctp\n\n - CVE-2020-15683 Memory safety bugs fixed in Firefox 82\n and Firefox ESR 78.4\n\n - Fixed: Fixed legacy preferences not being properly\n applied when set via GPO\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3022-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other", "p-cpe:/a:novell:suse_linux:MozillaFirefox-devel"], "id": "SUSE_SU-2020-3022-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143659", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3022-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143659);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3022-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for MozillaFirefox fixes the following issues :\n\nFirefox Extended Support Release 78.4.0 ESR\n\n - Fixed: Various stability, functionality, and security\n fixes MFSA 2020-46 (bsc#1177872, bsc#1176756)\n\n - CVE-2020-15969 Use-after-free in usersctp\n\n - CVE-2020-15683 Memory safety bugs fixed in Firefox 82\n and Firefox ESR 78.4\n\n - Fixed: Fixed legacy preferences not being properly\n applied when set via GPO\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176756\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15969/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203022-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?201346b1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3022=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-debuginfo-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-debugsource-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-devel-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-translations-common-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"MozillaFirefox-translations-other-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-debuginfo-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-debugsource-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-devel-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-translations-common-78.4.0-3.113.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"MozillaFirefox-translations-other-78.4.0-3.113.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-13T04:49:57", "description": "The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2020-4310 advisory.\n\n - Use after free in WebRTC. (CVE-2020-15969)\n\n - Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR\n 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4,\n Firefox < 82, and Thunderbird < 78.4. (CVE-2020-15683)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-23T00:00:00", "title": "Oracle Linux 7 : firefox (ELSA-2020-4310)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-10-23T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-4310.NASL", "href": "https://www.tenable.com/plugins/nessus/141857", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4310.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141857);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/10\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n\n script_name(english:\"Oracle Linux 7 : firefox (ELSA-2020-4310)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2020-4310 advisory.\n\n - Use after free in WebRTC. (CVE-2020-15969)\n\n - Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR\n 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some\n of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4,\n Firefox < 82, and Thunderbird < 78.4. (CVE-2020-15683)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-4310.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'firefox-78.4.0-1.0.1.el7_9', 'cpu':'i686', 'release':'7', 'allowmaj':TRUE},\n {'reference':'firefox-78.4.0-1.0.1.el7_9', 'cpu':'x86_64', 'release':'7', 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:30:23", "description": "This update for MozillaFirefox fixes the following issues :\n\nFirefox Extended Support Release 78.4.0 ESR\n\n - Fixed: Various stability, functionality, and security\n fixes MFSA 2020-46 (bsc#1177872, bsc#1176756)\n\n - CVE-2020-15969 Use-after-free in usersctp\n\n - CVE-2020-15683 Memory safety bugs fixed in Firefox 82\n and Firefox ESR 78.4\n\n - Fixed: Fixed legacy preferences not being properly\n applied when set via GPO\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "title": "SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3053-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:MozillaFirefox", "p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo", "p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common", "p-cpe:/a:novell:suse_linux:MozillaFirefox-devel"], "id": "SUSE_SU-2020-3053-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143709", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3053-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143709);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n\n script_name(english:\"SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3053-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for MozillaFirefox fixes the following issues :\n\nFirefox Extended Support Release 78.4.0 ESR\n\n - Fixed: Various stability, functionality, and security\n fixes MFSA 2020-46 (bsc#1177872, bsc#1176756)\n\n - CVE-2020-15969 Use-after-free in usersctp\n\n - CVE-2020-15683 Memory safety bugs fixed in Firefox 82\n and Firefox ESR 78.4\n\n - Fixed: Fixed legacy preferences not being properly\n applied when set via GPO\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176756\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1177872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15969/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203053-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2bcf5dbb\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-3053=1\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-3053=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2020-3053=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-3053=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-3053=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-3053=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2020-3053=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-3053=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3053=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-3053=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-3053=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-3053=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-debuginfo-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-debugsource-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-devel-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"MozillaFirefox-translations-common-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-debuginfo-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-debugsource-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-devel-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"MozillaFirefox-translations-common-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"MozillaFirefox-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"MozillaFirefox-debuginfo-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"MozillaFirefox-debugsource-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"MozillaFirefox-devel-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"MozillaFirefox-translations-common-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-debuginfo-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-debugsource-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-devel-78.4.0-112.28.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"MozillaFirefox-translations-common-78.4.0-112.28.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-19T05:35:37", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4944 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-05T00:00:00", "title": "RHEL 8 : thunderbird (RHSA-2020:4944)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-11-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/a:redhat:rhel_e4s:8.0::appstream", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource", "cpe:/o:redhat:rhel_e4s:8.0"], "id": "REDHAT-RHSA-2020-4944.NASL", "href": "https://www.tenable.com/plugins/nessus/142471", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4944. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142471);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/18\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4944\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2020:4944)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4944 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1885885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debugsource packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_e4s:8.0::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_e4s_8_0_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4944');\n}\n\npkgs = [\n {'reference':'thunderbird-78.4.0-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']},\n {'reference':'thunderbird-debugsource-78.4.0-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['rhel_e4s_8_0_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debugsource');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-21T06:05:40", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4310 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 5, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-22T00:00:00", "title": "RHEL 7 : firefox (RHSA-2020:4310)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-10-22T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7::server", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:firefox", "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client"], "id": "REDHAT-RHSA-2020-4310.NASL", "href": "https://www.tenable.com/plugins/nessus/141819", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4310. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141819);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4310\");\n\n script_name(english:\"RHEL 7 : firefox (RHSA-2020:4310)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4310 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1885885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected firefox package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-for-system-z-a-debug-rpms',\n 'rhel-7-for-system-z-a-optional-debug-rpms',\n 'rhel-7-for-system-z-a-optional-rpms',\n 'rhel-7-for-system-z-a-optional-source-rpms',\n 'rhel-7-for-system-z-a-rpms',\n 'rhel-7-for-system-z-a-source-rpms',\n 'rhel-7-for-system-z-debug-rpms',\n 'rhel-7-for-system-z-fastrack-debug-rpms',\n 'rhel-7-for-system-z-fastrack-rpms',\n 'rhel-7-for-system-z-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-debug-rpms',\n 'rhel-7-for-system-z-optional-fastrack-rpms',\n 'rhel-7-for-system-z-optional-fastrack-source-rpms',\n 'rhel-7-for-system-z-optional-rpms',\n 'rhel-7-for-system-z-optional-source-rpms',\n 'rhel-7-for-system-z-rpms',\n 'rhel-7-for-system-z-source-rpms',\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-rpms',\n 'rhel-ha-for-rhel-7-for-system-z-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-debug-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-rpms',\n 'rhel-rs-for-rhel-7-for-system-z-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4310');\n}\n\npkgs = [\n {'reference':'firefox-78.4.0-1.el7_9', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'firefox-78.4.0-1.el7_9', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']},\n {'reference':'firefox-78.4.0-1.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firefox');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-01T09:37:38", "description": "The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2020:4947 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-09T00:00:00", "title": "CentOS 6 : thunderbird (CESA-2020:4947)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-11-09T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS_RHSA-2020-4947.NASL", "href": "https://www.tenable.com/plugins/nessus/142645", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4947 and\n# CentOS Errata and Security Advisory 2020:4947 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142645);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4947\");\n\n script_name(english:\"CentOS 6 : thunderbird (CESA-2020:4947)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nCESA-2020:4947 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-November/035818.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd24c31c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CentOS 6.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'thunderbird-78.4.0-1.el6.centos', 'cpu':'i686', 'release':'CentOS-6', 'allowmaj':TRUE},\n {'reference':'thunderbird-78.4.0-1.el6.centos', 'cpu':'x86_64', 'release':'CentOS-6', 'allowmaj':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-21T06:06:08", "description": "The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4947 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-05T00:00:00", "title": "RHEL 6 : thunderbird (RHSA-2020:4947)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-11-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:enterprise_linux:6::client", "cpe:/o:redhat:enterprise_linux:6::workstation", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6::server"], "id": "REDHAT-RHSA-2020-4947.NASL", "href": "https://www.tenable.com/plugins/nessus/142476", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4947. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142476);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4947\");\n\n script_name(english:\"RHEL 6 : thunderbird (RHSA-2020:4947)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4947 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4947\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1885885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6::client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6::server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6::workstation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_6_client': [\n 'rhel-6-desktop-debug-rpms',\n 'rhel-6-desktop-fastrack-debug-rpms',\n 'rhel-6-desktop-fastrack-rpms',\n 'rhel-6-desktop-fastrack-source-rpms',\n 'rhel-6-desktop-optional-debug-rpms',\n 'rhel-6-desktop-optional-fastrack-debug-rpms',\n 'rhel-6-desktop-optional-fastrack-rpms',\n 'rhel-6-desktop-optional-fastrack-source-rpms',\n 'rhel-6-desktop-optional-rpms',\n 'rhel-6-desktop-optional-source-rpms',\n 'rhel-6-desktop-rpms',\n 'rhel-6-desktop-source-rpms'\n ],\n 'enterprise_linux_6_server': [\n 'rhel-6-for-system-z-debug-rpms',\n 'rhel-6-for-system-z-fastrack-debug-rpms',\n 'rhel-6-for-system-z-fastrack-rpms',\n 'rhel-6-for-system-z-fastrack-source-rpms',\n 'rhel-6-for-system-z-optional-debug-rpms',\n 'rhel-6-for-system-z-optional-fastrack-debug-rpms',\n 'rhel-6-for-system-z-optional-fastrack-rpms',\n 'rhel-6-for-system-z-optional-fastrack-source-rpms',\n 'rhel-6-for-system-z-optional-rpms',\n 'rhel-6-for-system-z-optional-source-rpms',\n 'rhel-6-for-system-z-rpms',\n 'rhel-6-for-system-z-source-rpms',\n 'rhel-6-server-debug-rpms',\n 'rhel-6-server-fastrack-debug-rpms',\n 'rhel-6-server-fastrack-rpms',\n 'rhel-6-server-fastrack-source-rpms',\n 'rhel-6-server-optional-debug-rpms',\n 'rhel-6-server-optional-fastrack-debug-rpms',\n 'rhel-6-server-optional-fastrack-rpms',\n 'rhel-6-server-optional-fastrack-source-rpms',\n 'rhel-6-server-optional-rpms',\n 'rhel-6-server-optional-source-rpms',\n 'rhel-6-server-rpms',\n 'rhel-6-server-source-rpms',\n 'rhel-ha-for-rhel-6-server-debug-rpms',\n 'rhel-ha-for-rhel-6-server-rpms',\n 'rhel-ha-for-rhel-6-server-source-rpms',\n 'rhel-lb-for-rhel-6-server-debug-rpms',\n 'rhel-lb-for-rhel-6-server-rpms',\n 'rhel-lb-for-rhel-6-server-source-rpms',\n 'rhel-rs-for-rhel-6-server-debug-rpms',\n 'rhel-rs-for-rhel-6-server-rpms',\n 'rhel-rs-for-rhel-6-server-source-rpms',\n 'rhel-scalefs-for-rhel-6-server-debug-rpms',\n 'rhel-scalefs-for-rhel-6-server-rpms',\n 'rhel-scalefs-for-rhel-6-server-source-rpms'\n ],\n 'enterprise_linux_6_workstation': [\n 'rhel-6-workstation-debug-rpms',\n 'rhel-6-workstation-fastrack-debug-rpms',\n 'rhel-6-workstation-fastrack-rpms',\n 'rhel-6-workstation-fastrack-source-rpms',\n 'rhel-6-workstation-optional-debug-rpms',\n 'rhel-6-workstation-optional-fastrack-debug-rpms',\n 'rhel-6-workstation-optional-fastrack-rpms',\n 'rhel-6-workstation-optional-fastrack-source-rpms',\n 'rhel-6-workstation-optional-rpms',\n 'rhel-6-workstation-optional-source-rpms',\n 'rhel-6-workstation-rpms',\n 'rhel-6-workstation-source-rpms',\n 'rhel-scalefs-for-rhel-6-workstation-debug-rpms',\n 'rhel-scalefs-for-rhel-6-workstation-rpms',\n 'rhel-scalefs-for-rhel-6-workstation-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4947');\n}\n\npkgs = [\n {'reference':'thunderbird-78.4.0-1.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_6_client', 'enterprise_linux_6_server', 'enterprise_linux_6_workstation']},\n {'reference':'thunderbird-78.4.0-1.el6_10', 'cpu':'s390x', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_6_client', 'enterprise_linux_6_server', 'enterprise_linux_6_workstation']},\n {'reference':'thunderbird-78.4.0-1.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_6_client', 'enterprise_linux_6_server', 'enterprise_linux_6_workstation']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-21T06:06:07", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4913 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 5, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-04T00:00:00", "title": "RHEL 8 : thunderbird (RHSA-2020:4913)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-11-04T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/a:redhat:enterprise_linux:8::appstream", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2020-4913.NASL", "href": "https://www.tenable.com/plugins/nessus/142458", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4913. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142458);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"RHSA\", value:\"2020:4913\");\n\n script_name(english:\"RHEL 8 : thunderbird (RHSA-2020:4913)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4913 advisory.\n\n - Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683)\n\n - chromium-browser: Use after free in WebRTC (CVE-2020-15969)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/120.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4913\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1885885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1889932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected thunderbird and / or thunderbird-debugsource packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debugsource\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4913');\n}\n\npkgs = [\n {'reference':'thunderbird-78.4.0-1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream']},\n {'reference':'thunderbird-78.4.0-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream']},\n {'reference':'thunderbird-debugsource-78.4.0-1.el8_3', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream']},\n {'reference':'thunderbird-debugsource-78.4.0-1.el8_3', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'thunderbird / thunderbird-debugsource');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-15T04:17:17", "description": "The version of Firefox ESR installed on the remote Windows host is prior to 78.4. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2020-46 advisory. Note that Nessus has not tested for this issue but has\ninstead relied only on the application's self-reported version number.", "edition": 5, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-20T00:00:00", "title": "Mozilla Firefox ESR < 78.4", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-15969", "CVE-2020-15683"], "modified": "2020-10-20T00:00:00", "cpe": ["cpe:/a:mozilla:firefox_esr"], "id": "MOZILLA_FIREFOX_78_4_ESR.NASL", "href": "https://www.tenable.com/plugins/nessus/141570", "sourceData": "## \n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Mozilla Foundation Security Advisory mfsa2020-46.\n# The text itself is copyright (C) Mozilla Foundation.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141570);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/13\");\n\n script_cve_id(\"CVE-2020-15683\", \"CVE-2020-15969\");\n script_xref(name:\"MFSA\", value:\"2020-46\");\n script_xref(name:\"IAVA\", value:\"2020-A-0472-S\");\n\n script_name(english:\"Mozilla Firefox ESR < 78.4\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Firefox ESR installed on the remote Windows host is prior to 78.4. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mfsa2020-46 advisory. Note that Nessus has not tested for this issue but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Firefox ESR version 78.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15683\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox_esr\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude('mozilla_version.inc');\n\nport = get_kb_item('SMB/transport');\nif (!port) port = 445;\n\ninstalls = get_kb_list('SMB/Mozilla/Firefox/*');\nif (isnull(installs)) audit(AUDIT_NOT_INST, 'Firefox');\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'78.4', min:'78.0.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2020-12-24T20:43:59", "bulletinFamily": "software", "cvelist": ["CVE-2020-15969"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 14.0.2\n\nReleased December 14, 2020\n\n**WebRTC**\n\nAvailable for: macOS Catalina and macOS Mojave\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-15969: an anonymous researcher\n", "edition": 2, "modified": "2020-12-14T09:18:43", "published": "2020-12-14T09:18:43", "id": "APPLE:HT212007", "href": "https://support.apple.com/kb/HT212007", "title": "About the security content of Safari 14.0.2 - Apple Support", "type": "apple", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:42:25", "bulletinFamily": "software", "cvelist": ["CVE-2020-27943", "CVE-2020-15969", "CVE-2020-29617", "CVE-2020-27944", "CVE-2020-29619", "CVE-2020-29611", "CVE-2020-29624", "CVE-2020-27946", "CVE-2020-29618", "CVE-2020-27948"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 14.3\n\nReleased December 14, 2020\n\n**CoreAudio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-27948: JunDong Xie of Ant Security Light-Year Lab\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2020-27946: Mateusz Jurczyk of Google Project Zero\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.\n\nCVE-2020-27943: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-27944: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-29624: Mateusz Jurczyk of Google Project Zero\n\nEntry updated December 22, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to heap corruption\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29617: XingWei Lin of Ant Security Light-Year Lab\n\nCVE-2020-29619: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29618: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-29611: Alexandru-Vlad Niculae working with Google Project Zero\n\nEntry updated December 17, 2020\n\n**WebRTC**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-15969: an anonymous researcher\n", "edition": 4, "modified": "2020-12-22T05:55:59", "published": "2020-12-22T05:55:59", "id": "APPLE:HT212005", "href": "https://support.apple.com/kb/HT212005", "title": "About the security content of tvOS 14.3 - Apple Support", "type": "apple", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:42:05", "bulletinFamily": "software", "cvelist": ["CVE-2020-27943", "CVE-2020-15969", "CVE-2020-29617", "CVE-2020-27944", "CVE-2020-29619", "CVE-2020-29611", "CVE-2020-27951", "CVE-2020-29624", "CVE-2020-27946", "CVE-2020-29618", "CVE-2020-27948"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 7.2\n\nReleased December 14, 2020\n\n**CoreAudio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-27948: JunDong Xie of Ant Security Light-Year Lab\n\n**FontParser**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2020-27946: Mateusz Jurczyk of Google Project Zero\n\n**FontParser**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.\n\nCVE-2020-27943: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-27944: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-29624: Mateusz Jurczyk of Google Project Zero\n\nEntry updated December 22, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to heap corruption\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29617: XingWei Lin of Ant Security Light-Year Lab\n\nCVE-2020-29619: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29618: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-29611: Alexandru-Vlad Niculae working with Google Project Zero\n\nEntry updated December 17, 2020\n\n**Security**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Unauthorized code execution may lead to an authentication policy violation\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-27951: Apple\n\n**WebRTC**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-15969: an anonymous researcher\n", "edition": 4, "modified": "2020-12-22T05:59:49", "published": "2020-12-22T05:59:49", "id": "APPLE:HT212009", "href": "https://support.apple.com/kb/HT212009", "title": "About the security content of watchOS 7.2 - Apple Support", "type": "apple", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:41:16", "bulletinFamily": "software", "cvelist": ["CVE-2020-27943", "CVE-2020-15969", "CVE-2020-29617", "CVE-2020-27944", "CVE-2020-29619", "CVE-2020-29611", "CVE-2020-29613", "CVE-2020-27951", "CVE-2020-29624", "CVE-2020-27946", "CVE-2020-29618", "CVE-2020-27948"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 14.3 and iPadOS 14.3\n\nReleased December 14, 2020\n\n**App Store**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An enterprise application installation prompt may display the wrong domain\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-29613: Ryan Pickren (ryanpickren.com)\n\n**CoreAudio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-27948: JunDong Xie of Ant Security Light-Year Lab\n\n**FontParser**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted font may result in the disclosure of process memory\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2020-27946: Mateusz Jurczyk of Google Project Zero\n\n**FontParser**\n\nAvailable for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.\n\nCVE-2020-27943: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-27944: Mateusz Jurczyk of Google Project Zero\n\nCVE-2020-29624: Mateusz Jurczyk of Google Project Zero\n\nEntry updated December 22, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to heap corruption\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29617: XingWei Lin of Ant Security Light-Year Lab\n\nCVE-2020-29619: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-29618: XingWei Lin of Ant Security Light-Year Lab\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-29611: Alexandru-Vlad Niculae working with Google Project Zero\n\nEntry updated December 17, 2020\n\n**Security**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Unauthorized code execution may lead to an authentication policy violation\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-27951: Apple\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-15969: an anonymous researcher\n", "edition": 4, "modified": "2020-12-22T05:53:47", "published": "2020-12-22T05:53:47", "id": "APPLE:HT212003", "href": "https://support.apple.com/kb/HT212003", "title": "About the security content of iOS 14.3 and iPadOS 14.3 - Apple Support", "type": "apple", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-12-10T14:31:58", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15673", "CVE-2020-15677", "CVE-2020-15678", "CVE-2020-15676", "CVE-2020-15683", "CVE-2020-26950"], "description": "**Issue Overview:**\n\nThe Mozilla Foundation Security Advisory describes this flaw as: \nMozilla developer reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. ([CVE-2020-15673 __](<https://access.redhat.com/security/cve/CVE-2020-15673>))\n\nThe Mozilla Foundation Security Advisory describes this flaw as: \nFirefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. ([CVE-2020-15676 __](<https://access.redhat.com/security/cve/CVE-2020-15676>))\n\nThe Mozilla Foundation Security Advisory describes this flaw as: \nBy exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. ([CVE-2020-15677 __](<https://access.redhat.com/security/cve/CVE-2020-15677>))\n\nThe Mozilla Foundation Security Advisory describes this flaw as: \nWhen recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function `APZCTreeManager::ComputeClippedCompositionBounds` did not follow iterator invalidation rules. ([CVE-2020-15678 __](<https://access.redhat.com/security/cve/CVE-2020-15678>))\n\nMozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4. ([CVE-2020-15683 __](<https://access.redhat.com/security/cve/CVE-2020-15683>))\n\nUse after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ([CVE-2020-15969 __](<https://access.redhat.com/security/cve/CVE-2020-15969>))\n\nIn certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. ([CVE-2020-26950 __](<https://access.redhat.com/security/cve/CVE-2020-26950>))\n\n \n**Affected Packages:** \n\n\nthunderbird\n\n \n**Issue Correction:** \nRun _yum update thunderbird_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n thunderbird-78.4.3-1.amzn2.0.1.aarch64 \n thunderbird-debuginfo-78.4.3-1.amzn2.0.1.aarch64 \n \n src: \n thunderbird-78.4.3-1.amzn2.0.1.src \n \n x86_64: \n thunderbird-78.4.3-1.amzn2.0.1.x86_64 \n thunderbird-debuginfo-78.4.3-1.amzn2.0.1.x86_64 \n \n \n", "edition": 2, "modified": "2020-12-08T21:30:00", "published": "2020-12-08T21:30:00", "id": "ALAS2-2020-1572", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1572.html", "title": "Critical: thunderbird", "type": "amazon", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2020-11-06T11:39:41", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15254", "CVE-2020-15680", "CVE-2020-15681", "CVE-2020-15682", "CVE-2020-15683", "CVE-2020-15684", "CVE-2020-15969"], "description": "Arch Linux Security Advisory ASA-202011-1\n=========================================\n\nSeverity: Critical\nDate : 2020-11-02\nCVE-ID : CVE-2020-15254 CVE-2020-15680 CVE-2020-15681 CVE-2020-15682\nCVE-2020-15683 CVE-2020-15684 CVE-2020-15969\nPackage : firefox\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1256\n\nSummary\n=======\n\nThe package firefox before version 82.0-1 is vulnerable to multiple\nissues including arbitrary code execution, information disclosure and\ncontent spoofing.\n\nResolution\n==========\n\nUpgrade to 82.0-1.\n\n# pacman -Syu \"firefox>=82.0-1\"\n\nThe problems have been fixed upstream in version 82.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2020-15254 (arbitrary code execution)\n\nAn undefined behaviour leading to memory corruption issues has been\nfound in the crossbeam rust crate <= 0.4.3. The \"bounded\" channel\nincorrectly assumes that \"Vec::from_iter\" has allocated enough capacity\nfor the number of iterator elements. \"Vec::from_iter\" does not actually\nguarantee that and may allocate extra memory. The destructor of the\n\"bounded\" channel reconstructs \"Vec\" from the raw pointer based on the\nincorrect assumptions described above. This is unsound and causing\ndeallocation with the incorrect capacity when the size allocated by\n\"Vec::from_iter\" differs from the number of iterator elements.\n\n- CVE-2020-15680 (information disclosure)\n\nAn information disclosure issue has been found in Firefox before 82.0\nwhere if a valid external protocol handler was referenced in an image\ntag, the resulting broken image size could be distinguished from a\nbroken image size of a non-existent protocol handler. This allowed an\nattacker to successfully probe whether an external protocol handler was\nregistered.\n\n- CVE-2020-15681 (arbitrary code execution)\n\nA memory corruption issue has been found in Firefox before 82.0 where,\nwhen multiple WASM threads had a reference to a module, and were\nlooking up exported functions, one WASM thread could have overwritten\nthe entry of another thread in a shared stub table, resulting in a\npotentially exploitable crash.\n\n- CVE-2020-15682 (content spoofing)\n\nA spoofing issue has been found in Firefox before 82.0 where, when a\nlink to an external protocol was clicked, a prompt was presented that\nallowed the user to choose what application to open it in. An attacker\ncould induce that prompt to be associated with an origin they didn't\ncontrol, resulting in a spoofing attack. This was fixed by changing\nexternal protocol prompts to be tab-modal while also ensuring they\ncould not be incorrectly associated with a different origin.\n\n- CVE-2020-15683 (arbitrary code execution)\n\nSeveral memory safety bugs have been found in Firefox before 82.0 and\nFirefox ESR before 78.4. Some of these bugs showed evidence of memory\ncorruption and Mozilla presumes that with enough effort some of these\ncould have been exploited to run arbitrary code.\n\n- CVE-2020-15684 (arbitrary code execution)\n\nSeveral memory safety bugs have been found in Firefox before 82.0. Some\nof these bugs showed evidence of memory corruption and Mozilla presumes\nthat with enough effort some of these could have been exploited to run\narbitrary code.\n\n- CVE-2020-15969 (arbitrary code execution)\n\nA use after free security issue has been found in the WebRTC component\nof the chromium browser before 86.0.4240.75 and of Firefox before 82.0.\n\nImpact\n======\n\nA remote attacker might be able to access sensitive information or\nexecute arbitrary code.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15254\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1668514\nhttps://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-v5m7-53cv-f3hx\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15680\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1658881\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15681\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1666568\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15682\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1636654\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15683\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1576843%2C1656987%2C1660954%2C1662760%2C1663439%2C1666140\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15684\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1653764%2C1661402%2C1662259%2C1664257\nhttps://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop.html\nhttps://crbug.com/1124659\nhttps://security.archlinux.org/CVE-2020-15254\nhttps://security.archlinux.org/CVE-2020-15680\nhttps://security.archlinux.org/CVE-2020-15681\nhttps://security.archlinux.org/CVE-2020-15682\nhttps://security.archlinux.org/CVE-2020-15683\nhttps://security.archlinux.org/CVE-2020-15684\nhttps://security.archlinux.org/CVE-2020-15969", "modified": "2020-11-02T00:00:00", "published": "2020-11-02T00:00:00", "id": "ASA-202011-1", "href": "https://security.archlinux.org/ASA-202011-1", "type": "archlinux", "title": "[ASA-202011-1] firefox: multiple issues", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-10-28T13:50:07", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15682", "CVE-2020-15681", "CVE-2020-15680", "CVE-2020-15684", "CVE-2020-15683", "CVE-2020-15254"], "description": "USN-4599-1 fixed vulnerabilities in Firefox. This update provides the \ncorresponding updates for Ubuntu 16.04 LTS.\n\nOriginal advisory details:\n\nMultiple security issues were discovered in Firefox. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service, spoof the prompt \nfor opening an external application, obtain sensitive information, or execute \narbitrary code.", "edition": 2, "modified": "2020-10-26T00:00:00", "published": "2020-10-26T00:00:00", "id": "USN-4599-2", "href": "https://ubuntu.com/security/notices/USN-4599-2", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-28T13:34:45", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-15682", "CVE-2020-15681", "CVE-2020-15680", "CVE-2020-15684", "CVE-2020-15683", "CVE-2020-15254"], "description": "Multiple security issues were discovered in Firefox. If a user were \ntricked in to opening a specially crafted website, an attacker could \npotentially exploit these to cause a denial of service, spoof the prompt \nfor opening an external application, obtain sensitive information, or execute \narbitrary code.", "edition": 2, "modified": "2020-10-23T00:00:00", "published": "2020-10-23T00:00:00", "id": "USN-4599-1", "href": "https://ubuntu.com/security/notices/USN-4599-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-10T13:20:41", "bulletinFamily": "unix", "cvelist": ["CVE-2020-16012", "CVE-2020-15969", "CVE-2020-26965", "CVE-2020-26951", "CVE-2020-26959", "CVE-2020-26956", "CVE-2020-26968", "CVE-2020-26961", "CVE-2020-15683", "CVE-2020-26953", "CVE-2020-26950", "CVE-2020-26960", "CVE-2020-26958"], "description": "Multiple security issues were discovered in Thunderbird. If a user were \ntricked in to opening a specially crafted website in a browsing context, \nan attacker could potentially exploit these to cause a denial of service, \nobtain sensitive information across origins, bypass security restrictions, \nconduct phishing attacks, conduct cross-site scripting (XSS) attacks, \nbypass Content Security Policy (CSP) restrictions, conduct DNS rebinding \nattacks, or execute arbitrary code.", "edition": 2, "modified": "2020-11-25T00:00:00", "published": "2020-11-25T00:00:00", "id": "USN-4647-1", "href": "https://ubuntu.com/security/notices/USN-4647-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2020-09-26T12:42:07", "bulletinFamily": "unix", "cvelist": ["CVE-2020-15969", "CVE-2020-6574", "CVE-2020-6573", "CVE-2020-6576", "CVE-2020-6575"], "description": "\nChrome Releases reports:\n\nThis release contains 5 security fixes:\n\n[1116304] High CVE-2020-6573: Use after free in video. Reported\n\t by Leecraso and Guang Gong of 360 Alpha Lab working with 360\n\t BugCloud on 2020-08-14\n[1102196] High CVE-2020-6574: Insufficient policy\n\t enforcement in installer. Reported by CodeColorist of\n\t Ant-Financial LightYear Labs on 2020-07-05\n[1081874] High CVE-2020-6575: Race in Mojo. Reported by\n\t Microsoft on 2020-05-12\n[1111737] High CVE-2020-6576: Use after free in offscreen\n\t canvas. Reported by Looben Yang on 2020-07-31\n[1122684] High CVE-2020-15959: Insufficient policy enforcement\n\t in networking. Reported by Eric Lawrence of Microsoft on\n\t 2020-08-27\n\n\n", "edition": 2, "modified": "2020-09-08T00:00:00", "published": "2020-09-08T00:00:00", "id": "BED5D41A-F2B4-11EA-A878-E09467587C17", "href": "https://vuxml.freebsd.org/freebsd/bed5d41a-f2b4-11ea-a878-e09467587c17.html", "title": "chromium -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2020-10-13T22:01:12", "bulletinFamily": "info", "cvelist": ["CVE-2020-15967", "CVE-2020-15969", "CVE-2020-15971", "CVE-2020-15972", "CVE-2020-15991"], "description": "Google\u2019s latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes \u2013 including a critical bug \u2013 and a feature that checks if users have any compromised passwords.\n\nAs of Tuesday, Chrome 86 is being promoted to the stable channel for Windows, Mac and Linux and will roll out over the coming days. The versions of the browser for Android and iOS were also released Tuesday, and will become available on Google Play and the App Store this week.\n\n[](<https://threatpost.com/webinars/retail-security-magecart-and-the-rise-of-retail-security-threats/?utm_source=ART&utm_medium=ART&utm_campaign=oct_webinar>)\n\nClick to Register!\n\nIncluded in the newest browser version is a critical flaw (CVE-2020-15967) existing in Chrome\u2019s payments component. The flaw, reported by Man Yue Mo of GitHub Security Lab, is a use-after-free vulnerability. Use after free is a memory-corruption flaw where an attempt is made to access memory after it has been freed. This can cause an array of malicious impacts, from causing a program to crash, to potentially leading to execution of arbitrary code.\n\nUse-after-free bugs have [plagued Google Chrome](<https://threatpost.com/google-squashes-high-severity-flaws-in-chrome-browser/154424/>) in the past year. In fact, all seven high-severity vulnerabilities fixed by Google in Chrome 86 were use-after-free flaws \u2013 ranging from ones affecting Chrome\u2019s printing (CVE-2020-15971), audio (CVE-2020-15972), password manager (CVE-2020-15991) and WebRTC (CVE-2020-15969) components (WebRTC [is a protocol for rich-media web communication](<https://threatpost.com/webrtc-found-leaking-local-ip-addresses/110803/>)).\n\nFurther details of the bugs are not yet available, as \u201caccess to bug details and links may be kept restricted until a majority of users are updated with a fix,\u201d according to [Google\u2019s Tuesday post](<https://chromereleases.googleblog.com/>).\n\n## **Password Check**\n\nThe Android and iOS versions of Chrome 86 will also come with a new security feature, which will send a copy of user\u2019s usernames and passwords using a \u201cspecial form of encryption.\u201d That then lets Google check them against list of passwords known to be compromised.\n\n\u201cPasswords are often the first line of defense for our digital lives,\u201d Abdel Karim Mardini, senior product manager with Chrome, [said in a Tuesday post](<https://security.googleblog.com/2020/10/new-password-protections-and-more-in.html>). \u201cToday, we\u2019re improving password security on both Android and iOS devices by telling you if the passwords you\u2019ve asked Chrome to remember have been compromised, and if so, how to fix them.\u201d\n\nAt the back end, when Google detects a username and password exposed by a data breach, it stores a strongly hashed and encrypted copy of the data. Then, when Chrome users log into a website, the feature sends a strongly hashed and encrypted version of their username and password to Google \u2013 meaning the company never derives usernames or passwords from the encrypted copy, it said.\n\nGoogle then fetches the encrypted database of every \u201cunsafe\u201d username and password \u2013 and shares the same anonymous hash prefix of account detail, ensuring, it said, that the username and password details are not revealed during the process.\n\nGoogle rolled out an iteration of this feature in 2019, when it unveiled the [Password Checkup Chrome extension](<https://threatpost.com/google-adds-password-checkup-feature-to-chrome-browser/148838/>), to alert Chrome browser users of weak or compromised passwords. The company has now embedded this functionality directly into Chrome for Android and iOS for better ease of use. It has also added support for [\u201cwell-known/change-password\u201d URLs](<https://w3c.github.io/webappsec-change-password-url/>), letting Chrome take users directly to the right \u201cchange password\u201d form after they\u2019ve been alerted that their password has been compromised.\n\n\u201cWe notify you when you have compromised passwords on websites, but it can be time-consuming to go find the relevant form to change your password,\u201d said Mardini.\n\nThe [password-reuse issue](<https://threatpost.com/troy-hunt-messy-password-problem/145439/>) continues to be a staple problem in the security industry, and has led to a slew of attacks, [most notably credential stuffing](<https://threatpost.com/akamai-on-credential-stuffing-attacks/153654/>). A [Google study released in August 2019](<https://threatpost.com/breached-passwords-still-in-use-by-hundreds-of-thousands/147434/>) \u2013 which was actually based on data collected from Google\u2019s Password Checkup Chrome extension \u2013 found that 1.5 percent \u2013 or 316,000 users \u2013 of website logins on the browser are utilizing already-hacked passwords.\n\nGoogle\u2019s password checkup feature joins other similar services [including Have I Been Pwned](<https://threatpost.com/have-i-been-pwned-open-source/158187/>) and [Mozilla\u2019s Firefox Monitor](<https://threatpost.com/mozilla-announces-firefox-monitor-tool-testing-firefox-61/133087/>) in fighting against stolen password problems.\n\n## **Other Features**\n\nChrome 86 also comes with a slew of other security features, including Safety Check on iOS and Android. This feature is used to check for compromised passwords, tell users if Safe Browsing is enabled and whether the version of Chrome being run is updated with the latest security protections.\n\nChrome 86 will also include [mixed-form warnings](<https://blog.chromium.org/2020/08/protecting-google-chrome-users-from.html>) on desktop and Android to alert and warn users before submitting a non-secure form that\u2019s embedded in an HTTPS page. And, the browser will now block or warn on some insecure downloads initiated by secure pages.\n\n\u201cCurrently, this change affects commonly abused file types, but eventually secure pages will only be able to initiate secure downloads of any type,\u201d according to Google.\n\n[**On October 14 at 2 PM ET**](<https://threatpost.com/webinars/retail-security-magecart-and-the-rise-of-retail-security-threats/?utm_source=ART&utm_medium=ART&utm_campaign=oct_webinar>)** Get the latest information on the rising threats to retail e-commerce security and how to stop them. **[**Register today**](<https://threatpost.com/webinars/retail-security-magecart-and-the-rise-of-retail-security-threats/?utm_source=ART&utm_medium=ART&utm_campaign=oct_webinar>)** for this FREE Threatpost webinar, \u201c**[**Retail Security: Magecart and the Rise of e-Commerce Threats.**](<https://threatpost.com/webinars/retail-security-magecart-and-the-rise-of-retail-security-threats/?utm_source=ART&utm_medium=ART&utm_campaign=oct_webinar>)**\u201d Magecart and other threat actors are riding the rising wave of online retail usage and racking up big numbers of consumer victims. Find out how websites can avoid becoming the next compromise as we go into the holiday season. Join us Wednesday, Oct. 14, 2-3 PM ET for this **[**LIVE **](<https://threatpost.com/webinars/retail-security-magecart-and-the-rise-of-retail-security-threats/?utm_source=ART&utm_medium=ART&utm_campaign=oct_webinar>)**webinar.**\n", "modified": "2020-10-07T15:50:15", "published": "2020-10-07T15:50:15", "id": "THREATPOST:D94615CF5141CE7FB12230E1881E143D", "href": "https://threatpost.com/google-chrome-86-critical-payments-bug-password-check/159938/", "type": "threatpost", "title": "Google\u2019s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables", "cvss": {"score": 0.0, "vector": "NONE"}}]}
