SUSE CVE-2015-7210

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...

SUSE: Security Advisory (SUSE-SU-2020:2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Webscan - Browser-based Network Scanner And local-IP Detection

webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate...

Updated thunderbird packages fix security vulnerability

Potential leak of redirect targets when loading scripts in a worker. CVE-2020-15652 WebRTC data channel leaks internal address to peer. CVE-2020-6514 Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture. CVE-2020-6463 Memory safety bugs fixed in Thunderbird 68.11. CVE-2020-15659...

MGASA-2020-0320 Updated thunderbird packages fix security vulnerability

Potential leak of redirect targets when loading scripts in a worker. CVE-2020-15652 WebRTC data channel leaks internal address to peer. CVE-2020-6514 Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture. CVE-2020-6463 Memory safety bugs fixed in Thunderbird 68.11. CVE-2020-15659...

OPENSUSE-SU-2020:1205-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Updated to Mozilla Thunderbird 68.11: Fixed various security issues MFSA-2020-35, bsc1174538. Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker bsc1174538. Fixed CVE-2020-6514: WebRTC data...

SUSE-SU-2020:2179-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Updated to Mozilla Thunderbird 68.11: Fixed various security issues MFSA-2020-35, bsc1174538. Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker bsc1174538. Fixed CVE-2020-6514: WebRTC data...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:1155-1 Rating: important References: 1174538 Cross-References: CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:2100-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.1.0 ESR - Fixed: Various stability, functionality, and security fixes bsc1174538 - CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker - CVE-2020-6514: WebRTC data chann...

UBUNTU-CVE-2017-7799

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-402)

MozillaThunderbird was updated to 38.7.0 to fix the following issues : - Update to Thunderbird 38.7.0 boo969894 - MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback - MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and...

CVE-2016-1962

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections...

Design/Logic Flaw

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections...

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2917-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2917-1 advisory. Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker...

firefox: multiple issues

CVE-2016-1952 CVE-2016-1953 arbitrary code execution Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough...

FreeBSD : mozilla -- multiple vulnerabilities (2225c5b4-1e5a-44fc-9920-b3201c384a15)

Mozilla Foundation reports : MFSA 2016-16 Miscellaneous memory safety hazards rv:45.0 / rv:38.7 MFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports MFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages MFSA 2016-19 Linux video...