Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 4 : firefox-68.4.1-1.0.1.AXS4 (AXSA:2020-4433:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4433:02 advisory. Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17026 Mozilla: Bypass of @namespace CSS sanitization durin...

8.8CVSS8.2AI score0.46589EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2020/01/31 12:0 a.m.50 views

RHEL 8 : thunderbird (RHSA-2020:0292)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0292 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.4.1. Security Fixes: Mozilla:...

8.8CVSS8.4AI score0.46589EPSS
Exploits11References24
RedHat Linux
RedHat Linux
added 2020/01/30 9:3 a.m.7 views

Mozilla: Type Confusion in XPCVariant.cpp

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

8.8CVSS7.4AI score0.02489EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/01/17 12:0 a.m.62 views

RHEL 6 : thunderbird (RHSA-2020:0123)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0123 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.4.1. Security Fixes: Mozilla:...

8.8CVSS8.3AI score0.46589EPSS
Exploits8References13
RedHat Linux
RedHat Linux
added 2020/01/16 12:2 p.m.115 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.2AI score0.46589EPSS
Exploits8References7
RedHat Linux
RedHat Linux
added 2020/01/16 11:56 a.m.5 views

Mozilla: Type Confusion in XPCVariant.cpp

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

8.8CVSS7.4AI score0.02489EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.30 views

Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20200113)

This update upgrades Firefox to version 68.4.1 ESR. Security Fixes : - Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17026 - Mozilla: Bypass of @namespace CSS sanitization during pasting CVE-2019-17016 - Mozilla: Type Confusion in XPCVariant.cpp...

8.8CVSS8.1AI score0.46589EPSS
Exploits8References6
RedHat Linux
RedHat Linux
added 2020/01/14 6:46 p.m.8 views

Mozilla: Type Confusion in XPCVariant.cpp

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...

8.8CVSS7.4AI score0.02489EPSS
Exploits0References5
CNVD
CNVD
added 2020/01/08 12:0 a.m.1 views

Mozilla Firefox and Mozilla Firefox ESR Type Obfuscation Vulnerability (CNVD-2020-01172)

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A type confusion vulnerability exists in the XPCVariant.cpp file in Mozilla...

8.8CVSS9.2AI score0.02489EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/11/02 12:0 a.m.29 views

Mozilla Firefox Multiple Vulnerabilities (Nov 2009) - Linux

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS7.2AI score0.28167EPSS
Exploits50References16
Cvelist
Cvelist
added 2009/10/29 2:0 p.m.20 views

CVE-2009-3374

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

8AI score0.01981EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2009/10/27 10:43 p.m.3 views

XPCVariant:: VariantDataToJS()

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...

7.5CVSS7.2AI score0.01981EPSS
Exploits0References4
Mozilla
Mozilla
added 2009/10/27 12:0 a.m.27 views

Chrome privilege escalation in XPCVariant::VariantDataToJS() — Mozilla

Mozilla security researcher mozbugra4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web...

7.5CVSS4.2AI score0.01981EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder