[SECURITY] [DLA 3661-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3661-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 23, 2023 https://wiki.debian.org/LTS -...

The vulnerability in the full-screen mode of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, allows attackers to carry out clickjacking attacks.

The vulnerability in the full-screen mode of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to carry out a clickjacking attack...

Debian: Security Advisory (DSA-5561-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisories (MFSA2023-49, MFSA2023-52) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Thunderbird Security Advisories (MFSA2023-49, MFSA2023-52) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox ESR Security Advisories (MFSA2023-49, MFSA2023-52) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Thunderbird Security Advisories (MFSA2023-49, MFSA2023-52) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox ESR < 115.5.0

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-50 advisory. - Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bug...

Mozilla Firefox Security Advisory (MFSA2023-49) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-49. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2023-326-01)

The version of mozilla-thunderbird installed on the remote host is prior to 115.5.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-326-01 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

DEBIAN-CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

Code injection

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

UBUNTU-CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

CVE-2023-6206 is described across connected sources as a clickjacking-related issue tied to the fullscreen transition in Mozilla Firefox and Thunderbird. The vulnerability affects Firefox versions older than 120, Firefox ESR older than 115.5.0, and Thunderbird older than 115.5.0. The issue is dis...