CVE-2023-29531

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected. This vulnerability affects Firefox 112, Firefox ESR...

The vulnerability in the application programming interface for 3D graphics in WebGL of the Mozilla Firefox browser allows a perpetrator to execute arbitrary code.

The vulnerability in the application software interface for 3D graphics in the WebGL technology of the Mozilla Firefox browser is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20230505-02

The vulnerability in the Mozilla Firefox browser is due to the fact that Mozilla's service desk handles blocking records when downloading updates from an SMB server. Exploitation of the vulnerability could allow an attacker to to apply an unsigned update file by pointing the service to an update...

GLSA-202305-06 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-06 Mozilla Firefox: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for Linux...

GLSA-202305-13 : Mozilla Thunderbird: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-13 Mozilla Thunderbird: Multiple Vulnerabilities - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox This bug only affects Thunderbird for...

SUSE-SU-2023:1855-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 102.10.0 ESR bsc1210212 - CVE-2023-29531: Out-of-bound memory access in WebGL on macOS - CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass - CVE-2023-29533: Fullscreen notification obscured -...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2023-102-01)

The version of mozilla-thunderbird installed on the remote host is prior to 102.10.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-102-01 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and...

CVE-2023-29531

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox for macOS. Other operating systems are unaffected...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-101-01)

The version of mozilla-firefox installed on the remote host is prior to 102.10.0esr / 112.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-101-01 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a...

SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:1819-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1819-1 advisory. - Firefox Extended Support Release 102.10.0 ESR bsc1210212 - CVE-2023-29531: Out-of-bound memory access in WebGL on macOS -...

Mozilla Thunderbird < 102.10

The version of Thunderbird installed on the remote Windows host is prior to 102.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-15 advisory. - Mozilla developers Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memor...

SUSE-SU-2023:1817-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 102.10.0 ESR bsc1210212 - CVE-2023-29531: Out-of-bound memory access in WebGL on macOS - CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass - CVE-2023-29533: Fullscreen notification obscured -...

Security Vulnerabilities fixed in Thunderbird 102.10 — Mozilla

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.This bug only affects Thunderbird for macOS. Other operating systems are unaffected. A local attacker can trick the Mozilla Maintenance Service into...

Security Vulnerabilities fixed in Firefox 112, Firefox for Android 112, Focus for Android 112 — Mozilla

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.This bug only affects Firefox for macOS. Other operating systems are unaffected. A local attacker can trick the Mozilla Maintenance Service into applying...

Mozilla Firefox ESR 缓冲区错误漏洞

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR. An attacker could exploit the vulnerability to cause out-of-bounds memory access using the WebGL API, which could lea...

Mozilla Firefox ESR < 102.10

The version of Firefox ESR installed on the remote Windows host is prior to 102.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-14 advisory. - Mozilla developers Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memor...

Mozilla Firefox ESR < 102.10

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-14 advisory. - Mozilla developers Andrew Osmond, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team...

Mozilla Thunderbird and Firefox Denial of Service Vulnerability

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. A denial of service vulnerability exists in WebGL in Mozilla Thunderbird, Firefox, and...

SUSE CVE-2011-2367

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service application crash, via unspecified vectors...

SUSE CVE-2011-2368

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...