80 matches found
MiracleLinux 9 : thunderbird-102.6.0-2.el9.ML.1 (AXSA:2023-5063:07)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5063:07 advisory. Mozilla: Arbitrary file read from a compromised content process CVE-2022-46872 Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbir...
Linux Distros Unpatched Vulnerability : CVE-2022-46874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-008)
The version of firefox installed on the remote host is prior to 102.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-008 advisory. The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process cou...
GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...
SUSE CVE-2022-46874
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...
Rocky Linux 8 : firefox (RLSA-2022:9067)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:9067 advisory. - A use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox This bug only affects...
Ubuntu: Security Advisory (USN-5782-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5782-3: Firefox regressions
USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...
USN-5782-2 firefox regressions
USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...
Mageia: Security Advisory (MGASA-2022-0484)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated thunderbird packages fix security vulnerability
Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...
MGASA-2022-0484 Updated thunderbird packages fix security vulnerability
Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...
SUSE: Security Advisory (SUSE-SU-2022:4636-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:4636-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Update to version 102.6.1 fixed: Remote content did not load in user-defined signatures fixed: Addons that added new action buttons were not shown for addon upgrades, requiring removal and reinstall fixed: Various stability improvemen...
Mozilla Thunderbird Security Advisories (MFSA2022-54, MFSA2022-54) - Mac OS X
Thunderbird is prone to a file extension manipulation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security fix for the ALT Linux 10 package thunderbird version 102.6.1-alt1
102.6.1-alt1 built Dec. 29, 2022 Pavel Vasenkov in task 312281 Dec. 23, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions...
Security fix for the ALT Linux 10 package thunderbird version 102.6.0-alt1
102.6.0-alt1 built Dec. 23, 2022 Pavel Vasenkov in task 311857 Dec. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-4687...
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2022-355-01)
The version of mozilla-thunderbird installed on the remote host is prior to 102.6.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-355-01 advisory. - A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...
CVE-2022-46874
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...
DEBIAN-CVE-2022-46874
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.Note: This issue was originally included in the advisories for Thunderbird...