MiracleLinux 4 : firefox-68.9.0-1.0.1.AXS4 (AXSA:2020-118:12)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-118:12 advisory. Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 Mozilla: Memory safe...

EUVD-2020-4717

Malware in sbrugna...

Mozilla Firefox Security Advisory (MFSA2020-20) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0140)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with a...

Updated thunderbird packages fix security vulnerability

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection CVE-2020-12398. When browsing a malicious page, a race condition in our...

Amazon Linux 2 : thunderbird (ALAS-2020-1462)

The version of thunderbird installed on the remote host is prior to 68.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1462 advisory. Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed...

CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

DEBIAN-CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Race condition

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Updated firefox packages fix security vulnerability

Updated nss and firefox packages fix security vulnerabilities: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys CVE-2020-12399. Side channel vulnerabilities during RSA key generation in NSS CVE-2020-12402. When browsing ...

Mozilla: Use-after-free in SharedWorkerService

The Mozilla Foundation Security Advisory describes this flaw as: When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash...

RHEL 7 : thunderbird (RHSA-2020:2615)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2615 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Security Fixes: Mozilla:...

Mozilla: Use-after-free in SharedWorkerService

The Mozilla Foundation Security Advisory describes this flaw as: When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash...

RHEL 8 : thunderbird (RHSA-2020:2616)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2616 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.9.0. Security Fixes: Mozilla:...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0799-1 Rating: important References: 1172402 Cross-References: CVE-2020-12398 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Affected Products: openSUSE Leap 15.1 An update that fixes four...

Vulnerability Spotlight: Remote code execution vulnerability in Firefox’s SharedWorkerService function

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Mozilla Firefox web browser contains a vulnerability in its SharedWorkerService function that could allow an attacker to gain the ability to remotely execute code on a target’s machine. This vulnerability...