37 matches found
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6563-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6563-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
Sandbox Escape
Firefox and Thunderbird are vulnerable to Sandbox Escape. The vulnerability is caused because VideoBridge extension allowed any content process to use textures produced by remote decoders. An attacker can abuse this to escape the sandbox...
The vulnerability of the VideoBridge component in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to bypass the security measures of the isolated programming environment.
The vulnerability of the VideoBridge component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to security configuration errors. Exploiting this vulnerability can allow an attacker to bypass the security measures of a isolated software environment...
Debian DSA-5582-1 : thunderbird - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5582 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compa...
CVE-2023-6860
The Mozilla Foundation Security Advisory describes this flaw as: The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
DEBIAN-CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
Code injection
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
CVE-2023-6860
CVE-2023-6860: The VideoBridge channel allowed a content process to access textures from remote decoders, creating a potential sandbox escape in Firefox ESR <115.6, Thunderbird <115.6, and Firefox
CVE-2023-6860
The VideoBridge allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security vulnerability that originates in VideoBridge that allows any process to use a structure generated by a remote decoder, resulting in an attacker being able to...
Mozilla Firefox ESR < 115.6
The version of Firefox ESR installed on the remote Windows host is prior to 115.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-54 advisory. - Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed...
Security Vulnerabilities fixed in Firefox 121 — Mozilla
The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. Multiple NSS NIST curves were susceptible to a side-channel attack known as...