SUSE CVE-2018-12369

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR 60.1 and Firefox 61...

Mozilla Firefox Security Advisory (MFSA2018-15) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

openSUSE Security Update : MozillaFirefox (openSUSE-2019-494)

This security update for MozillaFirefox to version 60.1.0esr fixes multiple issues. Security issues fixed MFSA 2018-16, boo1098998 : - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus - CVE-2018-12361: Integer overflow in...

CVE-2018-12369

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR 60.1 and Firefox 61...

CVE-2018-12369

Summary (CVE-2018-12369) WebExtensions bundled with embedded experiments could bypass authorization checks, allowing a malicious WebExtension to gain full browser permissions. Affected products: Mozilla Firefox (non-ESR) versions before 61 and Firefox ESR before 60.1. Root cause: improper authori...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3705-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3705-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacke...

USN-3705-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF...

openSUSE Security Update : MozillaFirefox (openSUSE-2018-676)

This security update for MozillaFirefox to version 60.1.0esr fixes multiple issues. Security issues fixed MFSA 2018-16, boo1098998 : - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus - CVE-2018-12361: Integer overflow in...

Mozilla Firefox ESR < 60.1

The version of Firefox ESR installed on the remote Windows host is prior to 60.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-16 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major...

Mozilla Firefox < 61 Multiple Critical Vulnerabilities (macOS)

The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 61. It is, therefore, affected by multiple critical and high severity vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110806; scriptversion"1.7";...

Security update for MozillaFirefox (important)

This security update for MozillaFirefox to version 60.1.0esr fixes multiple issues. Security issues fixed MFSA 2018-16, boo1098998: - CVE-2018-12359: Buffer overflow using computed size of canvas element - CVE-2018-12360: Use-after-free when using focus - CVE-2018-12361: Integer overflow in...

Mozilla Firefox Security Advisories (MFSA2018-15, MFSA2018-17) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

KLA11271 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of...

Security fix for the ALT Linux 10 package firefox-esr version 60.1.0-alt1

June 26, 2018 Andrey Cherepanov 60.1.0-alt1 - New ESR version 60.1.0. - Fixed: + CVE-2018-12359 Buffer overflow using computed size of canvas element + CVE-2018-12360 Use-after-free when using focus + CVE-2018-12361 Integer overflow in SwizzleData + CVE-2018-12362 Integer overflow in SSSE3 scaler...