SUSE CVE-2020-15649

Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ES...

CVE-2020-15650

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings but not access the previous profile. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects...

Memory corruption

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Code injection

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings but not access the previous profile. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects...

CVE-2020-15650

CVE-2020-15650 affects Firefox ESR

CVE-2020-15649

CVE-2020-15649 : Mozilla Firefox ESR versions earlier than 68.11 are affected. A malicious file picker application could cause the browser to steal and upload local files of the user’s choosing, independent of the actual files selected. The issue is described as affecting Firefox for Android and ...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200806)

Security Fixes : - chromium-browser: Use after free in ANGLE CVE-2020-6463 - chromium-browser: Inappropriate implementation in WebRTC CVE-2020-6514 - Mozilla: Potential leak of redirect targets when loading scripts in a worker CVE-2020-15652 - Mozilla: Memory safety bugs fixed in Firefox 79 and...

RHEL 8 : thunderbird (RHSA-2020:3343)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3343 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Security Fixes:...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla Thunderbird < 68.11

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-35 advisory. - Mozilla developers Jason Kratzer and Luke Wagner reported memory safety bugs present in Thunderbird 68.1...

KLA11924 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerabilit...

Mozilla Firefox ESR < 68.11

The version of Firefox ESR installed on the remote Windows host is prior to 68.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-31 advisory. - Mozilla developers Jason Kratzer and Luke Wagner reported memory safety bugs present in Firefox 78 and Firefox ESR...