MiracleLinux 4 : thunderbird-68.10.0-1.AXS4 (AXSA:2020-225:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-225:05 advisory. Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 Mozilla:...

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

Mozilla: Add-On updates did not respect the same certificate trust rules as software updates

The Mozilla Foundation Security Advisory describes this flaw as: When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without...

UBUNTU-CVE-2020-12421

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected even if they were legitimately added by an administrator. This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR 68.10...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3124-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3124-1 advisory. Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsa...

USN-3124-1 firefox vulnerabilities

Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a special...

Ubuntu: Security Advisory (USN-3124-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla: Addons update must verify IDs match between current and new versions (MFSA 2016-89, MFSA 2016-90)

A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update...