Lucene search
K

71 matches found

OSV
OSV
added 2021/01/14 3:13 p.m.7 views

MGASA-2021-0027 Updated thunderbird packages fix a security vulnerability

Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk. CVE-2020-16044 See upstream releasenotes for other changes...

8.8CVSS8.7AI score0.01304EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/01/13 4:17 p.m.2 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/13 11:16 a.m.2 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/13 10:48 a.m.1 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/01/13 12:0 a.m.32 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0072-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.6.1 ESR - Fixed: Critical security issue MFSA 2021-01 bsc1180623 - CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk Note that Tenable Network Security has extracted...

8.8CVSS8.3AI score0.01304EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/01/11 1:54 p.m.2 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/11 10:53 a.m.1 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/11 10:53 a.m.103 views

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS7.3AI score0.01304EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/01/11 10:30 a.m.72 views

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.3AI score0.01304EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/01/11 10:30 a.m.4 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/11 9:58 a.m.2 views

Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet...

8.8CVSS7.4AI score0.01304EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/01/11 12:0 a.m.21 views

Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2021:0053)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:0053-1 advisory. - Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk CVE-2020-16044 Note that Nessus has not tested for this issue but has...

8.8CVSS8.4AI score0.01304EPSS
Exploits0References2
Mozilla
Mozilla
added 2021/01/11 12:0 a.m.463 views

Security Vulnerabilities fixed in Thunderbird 78.6.1 — Mozilla

A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code...

8.8CVSS2.8AI score0.01304EPSS
Exploits0References1Affected Software1
NCSC
NCSC
added 2021/01/06 12:0 a.m.3 views

Serious vulnerability fixed in Mozilla Firefox

A serious vulnerability has been fixed in Mozilla Firefox. A malicious party, by modifying a COOKIE-ECHO chunk in an SCTP package potentially cause a use-after-free. Mozilla indicates that it is likely, with enough effort, that this vulnerability could lead to the execution of arbitrary code...

8.8CVSS6.8AI score0.01304EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.27 views

Mozilla Firefox < 84.0.2

The version of Firefox installed on the remote Windows host is prior to 84.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory. - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a...

8.8CVSS8.6AI score0.01304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/06 12:0 a.m.42 views

Mozilla Firefox < 84.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 84.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-01 advisory. - A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a...

8.8CVSS8.6AI score0.01304EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/09/09 5:55 p.m.4 views

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

5CVSS6.6AI score0.05926EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/08/06 5:10 p.m.3 views

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

5CVSS6.6AI score0.05926EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/07/22 6:0 p.m.4 views

kernel: sctp: sk_ack_backlog wrap-around problem

An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation processed certain COOKIEECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP...

5CVSS6.6AI score0.05926EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/05/20 11:0 a.m.3 views

kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk

A flaw was found in the way the Linux kernel processed an authenticated COOKIEECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on th...

7.8CVSS6.3AI score0.07045EPSS
Exploits0References4
Rows per page
Query Builder