73 matches found
MiracleLinux 7 : firefox-102.12.0-1.0.1.el7.AXS7 (AXSA:2023-6069:20)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6069:20 advisory. Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR...
openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:2612-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : firefox (RHSA-2023:3579)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3579 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
CentOS 7 : thunderbird (RHSA-2023:3563)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3563 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
RLSA-2023:3590 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.12.0 ESR. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixe...
Rocky Linux 8 : firefox (RLSA-2023:3590)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3590 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
Ubuntu: Security Advisory (USN-6214-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6214-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...
Fedora 38 : firefox (2023-af4cfc9c3c)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-af4cfc9c3c advisory. - Updated to latest upstream 114.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
Rocky Linux 8 : thunderbird (RLSA-2023:3588)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3588 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
RLSA-2023:3587 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12...
Fedora 37 : firefox (2023-e5859237ff)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e5859237ff advisory. - Updated to latest upstream 114.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
CVE-2023-34414
CVE-2023-34414 describes a click-jacking risk where the error page for TLS certificate errors could be hijacked due to a rendering lag, enabling a user click to override a certificate error under precise timing conditions. Affected products and versions (per provided documents): Firefox ESR < ...
Fedora 37 : thunderbird (2023-dcfde386f7)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-dcfde386f7 advisory. Update to 102.12.0 ; https://www.thunderbird.net/en-US/thunderbird/102.12.0/releasenotes/ ;...
Oracle Linux 9 : thunderbird (ELSA-2023-3587)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3587 advisory. 102.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.12.0-1 - Update to 102.12.0 build1 Tenable h...
Mageia: Security Advisory (MGASA-2023-0200)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2023-0199)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0199 Updated firefox/nss packages fix security vulnerability
Click-jacking certificate exceptions through rendering lag. CVE-2023-34414 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12. CVE-2023-34416...
Oracle Linux 8 : thunderbird (ELSA-2023-3588)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3588 advisory. 102.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.12.0-1 - Update to 102.12.0 build1 Tenable h...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update ...