71 matches found
MiracleLinux 8 : thunderbird-102.7.1-1.el8.ML.1 (AXSA:2023-4905:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4905:03 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
MiracleLinux 9 : thunderbird-102.7.1-1.el9.ML.1 (AXSA:2023-5071:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5071:08 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
MiracleLinux 9 : firefox-102.7.0-1.el9.ML.1 (AXSA:2023-5064:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5064:08 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
Linux Distros Unpatched Vulnerability : CVE-2023-23605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of...
CentOS 8 : thunderbird (CESA-2023:0463)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0463 advisory. - Mozilla: libusrsctp library out of date CVE-2022-46871 - Mozilla: Fullscreen notification bypass CVE-2022-46877 - Mozilla: Arbitrary file read from G...
CentOS 8 : firefox (CESA-2023:0288)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0288 advisory. - Mozilla: libusrsctp library out of date CVE-2022-46871 - Mozilla: Fullscreen notification bypass CVE-2022-46877 - Mozilla: Arbitrary file read from G...
Rocky Linux 9 : thunderbird (RLSA-2023:0476)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
Rocky Linux 8 : firefox (RLSA-2023:0288)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0288 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
Rocky Linux 8 : thunderbird (RLSA-2023:0463)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0463 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
CVE-2023-23605
CVE-2023-23605 corresponds to memory-safety bugs in Mozilla Firefox 108 and Firefox ESR 102.6 (Thunderbird < 102.7; Firefox < 109; ESR
CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...
Mageia: Security Advisory (MGASA-2023-0034)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox ESR have affected APM Synthetic Playback Agent
Summary APM Synthetic Playback Agent is vulnerable to Firefox ESR CVE-2023-23599, CVE-2023-23603, CVE-2023-23605, CVE-2023-23602, CVE-2023-23601, CVE-2023-23598. Firefox ESR is used by APM Synthetic Playback Agent for running the selenium scripts. The fix includes support for Firefox 102.7 ESR...
Security fix for the ALT Linux 10 package firefox-esr version 102.7.0-alt1
102.7.0-alt1 built Feb. 21, 2023 Pavel Vasenkov in task 315243 Jan. 18, 2023 Pavel Vasenkov - New ESR version. - Security fixes + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden i...
Debian: Security Advisory (DLA-3324-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3324-1] thunderbird security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3324-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 20, 2023 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DSA-5355-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-5355-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5355 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2023:0329-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0329-1 advisory. Updated to version 102.7.1 bsc1207119: CVE-2022-46871: Fixed out of date libusrsctp...
SUSE: Security Advisory (SUSE-SU-2023:0329-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...