20 matches found
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
CVE-2022-22753
CVE-2022-22753 affects Mozilla Firefox on Windows, with a Time-of-Check Time-of-Use bug in the Maintenance (Updater) Service that could grant a user write access to an arbitrary directory and escalate to SYSTEM. The umbrella set includes Firefox versions below 97 and affected Thunderbird ESR line...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
Slackware: Security Advisory (SSA:2022-040-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2022:40696-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:0676-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:0565-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0565-1 advisory. - A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an...
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2022:0559-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0559-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0559-1 advisory. - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2022:0559-1 Rating: important References: 1195682 1196072 Cross-References: CVE-2022-0566 CVE-2022-22753 CVE-2022-22754 CVE-2022-22756 CVE-2022-22759 CVE-2022-22760 CVE-2022-22761 CVE-2022-22763...
Security fix for the ALT Linux 10 package thunderbird version 91.6.0-alt1
91.6.0-alt1 built Feb. 17, 2022 Pavel Vasenkov in task 295262 Feb. 12, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update +...
Security fix for the ALT Linux 10 package firefox-esr version 91.6.0-alt1
91.6.0-alt1 built Feb. 16, 2022 Pavel Vasenkov in task 295122 Feb. 9, 2022 Pavel Vasenkov - New ESR version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update +...
Mozilla Thunderbird < 91.6
The version of Thunderbird installed on the remote Windows host is prior to 91.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-06 advisory. - Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs prese...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-91.6.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more...
Mozilla Firefox ESR Security Advisories (MFSA2022-04, MFSA2022-05) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Vulnerabilities fixed in Mozilla Firefox
Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution...
Mozilla Firefox < 97.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 97.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-04 advisory. - Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96...