MiracleLinux 4 : firefox-68.10.0-1.0.1.AXS4 (AXSA:2020-213:15)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-213:15 advisory. Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 Mozilla:...

EUVD-2020-4733

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-12421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. Thi...

Important: thunderbird

Issue Overview: The Mozilla Foundation Security Advisory describes this flaw as: Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. CVE-2020-12417 The Mozilla Foundation Security...

Amazon Linux 2 : thunderbird (ALAS-2023-1945)

The version of thunderbird installed on the remote host is prior to 68.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1945 advisory. The Mozilla Foundation Security Advisory describes this flaw as: Due to confusion about ValueTags on JavaScript...

SUSE CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2021-0137)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This...

Updated thunderbird packages fix security vulnerability

If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection CVE-2020-12398. When browsing a malicious page, a race condition in our...

Oracle Linux 8 : thunderbird (ELSA-2020-3038)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3038 advisory. 68.10.0-1.0.1.el82 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.10.0-1 - Update to 68.10.0 build1 Tenable...

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

RHEL 8 : thunderbird (RHSA-2020:3046)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3046 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fixes: Mozilla:...

Oracle Linux 6 : thunderbird (ELSA-2020-2966)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-2966 advisory. 68.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.10.0-1 - Update to 68.10.0 build1 Tenable has...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:1017-1 Rating: important References: 1166238 1173576 1173613 Cross-References: CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421...

OPENSUSE-SU-2020:0982-1 Security update for MozillaThunderbird

This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues: - CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 bsc1173576. - CVE-2020-12418: Information disclosure due to manipulated URL object bsc1173576. - CVE-2020-12419:...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0982-1 Rating: important References: 1173576 Cross-References: CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 Affected Products: openSUSE Leap 15.2 An update that fixes 5...

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RHEL 6 : thunderbird (RHSA-2020:2966)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2966 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.10.0. Security Fixes: Mozilla:...