CentOS Errata and Security Advisory CESA-2020:0520 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the...
8.8CVSS
8.9AI Score
0.013EPSS
Updated firefox packages fix security vulnerabilities
Updated firefox packages fix security vulnerabilities: Due to a missing bounds check on shared memory read in the parent process, a content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused...
8.8CVSS
1.6AI Score
0.013EPSS
Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fix security vulnerabilities: When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents (CVE-2020-6792). When processing an email message with an ill-formed envelope, Thunderbird could read data from a random...
8.8CVSS
0.9AI Score
0.013EPSS
CentOS Errata and Security Advisory CESA-2020:0521 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the...
8.8CVSS
8.9AI Score
0.013EPSS
firefox is vulnerable to denial of service (DoS). The vulnerability exists through memory safety bugs fixed in Firefox 73 and Firefox ESR...
8.8CVSS
2.5AI Score
0.006EPSS
Security update for MozillaThunderbird (important)
An update that fixes 7 vulnerabilities is now available. Description: This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 68.5 (bsc#1162777) MFSA 2020-07 (bsc#1163368) CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain email messages...
8.8CVSS
0.6AI Score
0.013EPSS
Debian DLA-2104-1 : thunderbird security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For Debian 8 'Jessie', these problems have been fixed in version 1:68.5.0-1~deb8u1. We recommend that you upgrade your thunderbird packages. NOTE: Tenable Network...
8.8CVSS
8.6AI Score
0.013EPSS
openSUSE Security Update : MozillaFirefox (openSUSE-2020-230)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 68.5.0 ESR Fixed: Various stability and security fixes Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent...
8.8CVSS
8.5AI Score
0.013EPSS
RHEL 8 : firefox (RHSA-2020:0512)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0512 advisory. Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Incorrect parsing of template tag...
8.8CVSS
9.2AI Score
0.013EPSS
Debian DSA-4625-1 : thunderbird - security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of...
8.8CVSS
8.2AI Score
0.013EPSS
RHEL 7 : firefox (RHSA-2020:0520)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0520 advisory. Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Incorrect parsing of template tag...
8.8CVSS
9.2AI Score
0.013EPSS
RHEL 8 : firefox (RHSA-2020:0519)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0519 advisory. Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Incorrect parsing of template tag...
8.8CVSS
9.1AI Score
0.013EPSS
[68.5.0-2.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file * Fri Feb 07 2020 Jan Horak - Update to 68.5.0 build2 * Wed Feb 05 2020 Jan Horak - Update to...
8.8CVSS
1.3AI Score
0.013EPSS
8.8CVSS
7.3AI Score
0.013EPSS
Scientific Linux Security Update : firefox on SL7.x x86_64 (20200217)
Security Fix(es) : Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800) Mozilla: Incorrect parsing of template tag could result in JavaScript injection...
8.8CVSS
-0.2AI Score
0.013EPSS
Security update for MozillaFirefox (important)
An update that fixes 5 vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 68.5.0 ESR Fixed: Various stability and security fixes Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) CVE-2020-6796 (bmo#1610426)...
8.8CVSS
0.5AI Score
0.013EPSS
Oracle Linux 7 : firefox (ELSA-2020-0520)
From Red Hat Security Advisory 2020:0520 : An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
8.8CVSS
9.1AI Score
0.013EPSS
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:0383-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 68.5.0 ESR Fixed: Various stability and security fixes Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent...
8.8CVSS
8.5AI Score
0.013EPSS
openSUSE Security Update : MozillaThunderbird (openSUSE-2020-231)
This update for MozillaThunderbird fixes the following issues : Mozilla Thunderbird 68.5 (bsc#1162777) MFSA 2020-07 (bsc#1163368) CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain email messages CVE-2020-6794 (bmo#1606619) Setting a master password ...
8.8CVSS
8.3AI Score
0.013EPSS
RHEL 6 : firefox (RHSA-2020:0521)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0521 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...
8.8CVSS
9.6AI Score
0.013EPSS
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20200217)
Security Fix(es) : Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5...
8.8CVSS
-0.2AI Score
0.006EPSS
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0384-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 68.5.0 ESR CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open...
8.8CVSS
8.5AI Score
0.013EPSS
(RHSA-2020:0521) Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety...
2.4AI Score
0.013EPSS
(RHSA-2020:0520) Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety...
2.4AI Score
0.013EPSS
[SECURITY] [DLA 2104-1] thunderbird security update
Package : thunderbird Version : 1:68.5.0-1~deb8u1 CVE ID : CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial...
8.8CVSS
8.6AI Score
0.013EPSS
(RHSA-2020:0519) Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety...
2.4AI Score
0.013EPSS
(RHSA-2020:0512) Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.5.0 ESR. Security Fix(es): Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) Mozilla: Memory safety...
2.4AI Score
0.013EPSS
8.8CVSS
6.4AI Score
0.013EPSS
8.8CVSS
7.3AI Score
0.013EPSS
[SECURITY] [DSA 4625-1] thunderbird security update
Debian Security Advisory DSA-4625-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 15, 2020 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2020-6792 CVE-2020-6793...
8.8CVSS
8.7AI Score
0.013EPSS
8.8CVSS
6.9AI Score
0.013EPSS
8.8CVSS
7.9AI Score
0.013EPSS
The version of Thunderbird installed on the remote Windows host is prior to 68.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-07 advisory. When processing an email message with an ill-formed envelope, Thunderbird could read data from a random ...
8.8CVSS
9.1AI Score
0.013EPSS
Debian DLA-2102-1 : firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 'Jessie', these problems have been fixed in version 68.5.0esr-1~deb8u1. We recommend that you upgrade your firefox-esr packages. NOTE:...
8.8CVSS
8.7AI Score
0.013EPSS
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-07 advisory. When processing an email message with an ill-formed envelope, Thunderbird could read data from a...
8.8CVSS
9.1AI Score
0.013EPSS
Ubuntu 18.04 LTS : Firefox vulnerabilities (USN-4278-1)
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. Note that Tenable Network Security....
8.8CVSS
8.4AI Score
0.013EPSS
8.8CVSS
7.9AI Score
0.013EPSS
8.8CVSS
8AI Score
0.013EPSS
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 73.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-05 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
8.8CVSS
0.2AI Score
0.013EPSS
The version of Firefox installed on the remote Windows host is prior to 73.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-05 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
8.8CVSS
0.1AI Score
0.013EPSS
[SECURITY] [DLA 2102-1] firefox-esr security update
Package : firefox-esr Version : 68.5.0esr-1~deb8u1 CVE ID : CVE-2020-6796 CVE-2020-6798 CVE-2020-6800 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 "Jessie", these...
8.8CVSS
8.7AI Score
0.013EPSS
Releases Ubuntu 19.10 Ubuntu 18.04 ESM Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service,...
8.8CVSS
8.8AI Score
0.013EPSS
[ASA-202002-9] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202002-9 Severity: Critical Date : 2020-02-13 CVE-ID : CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 Package : thunderbird Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1099 Summary...
8.8CVSS
0.2AI Score
0.013EPSS
8.8CVSS
7.5AI Score
0.013EPSS
Mozilla Firefox ESR < 68.5 Multiple Vulnerabilities
The version of Firefox installed on the remote Windows host is prior to 68.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-06 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
8.8CVSS
0.3AI Score
0.013EPSS
Debian DSA-4620-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary...
8.8CVSS
8.5AI Score
0.013EPSS
[SECURITY] [DSA 4620-1] firefox-esr security update
Debian Security Advisory DSA-4620-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 12, 2020 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2020-6796 CVE-2020-6798...
8.8CVSS
8.7AI Score
0.013EPSS
Mozilla Firefox 73 Browser Update Fixes High-Severity RCE Bugs
Mozilla has launched the latest version of its Firefox browser, which knocks out high-severity security flaws that leave systems open to attack by a remote adversary. The patched version of Mozilla’s browser, launched on Tuesday, is Firefox 73 and Firefox ESR 68.5. The Firefox ESR browser is its...
2.4AI Score
0.013EPSS
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.5.0-i686-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. For...
8.8CVSS
0.3AI Score
0.013EPSS
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-68.5.0esr-i686-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
8.8CVSS
0.4AI Score
0.013EPSS