Oracle Linux 7 : thunderbird (ELSA-2024-0027)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0027 advisory. 115.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.6.0-1 - Update to...

RHEL 9 : thunderbird (RHSA-2024:0001)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0001 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...

RHEL 8 : thunderbird (RHSA-2024:0003)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0003 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla:...

CentOS 7 : thunderbird (RHSA-2024:0027)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0027 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...

RHEL 9 : firefox (RHSA-2024:0025)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0025 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

The vulnerability of the WebGL DrawElementsInstanced method in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the DrawElementsInstanced method in Mozilla Firefox, Firefox ESR, and the Thunderbird email client is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...

Mozilla Firefox ESR Security Advisories (MFSA2023-53, MFSA2023-56) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Debian DSA-5582-1 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5582 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compa...

SUSE CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

UBUNTU-CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

DEBIAN-CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

Heap overflow

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6856

CVE-2023-6856 describes a heap-buffer-overflow in the WebGL DrawElementsInstanced path when run with the Mesa VM driver. Impacted products include Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

CVE-2023-6856

The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

Mozilla Thunderbird < 115.6

The version of Thunderbird installed on the remote Windows host is prior to 115.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-55 advisory. - Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2023-353-03)

The version of mozilla-thunderbird installed on the remote host is prior to 115.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-353-03 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date...