5743 matches found
[ASA-202001-4] thunderbird: multiple issues
Arch Linux Security Advisory ASA-202001-4 ========================================= Severity: Critical Date : 2020-01-14 CVE-ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Package : thunderbird Type : multiple issues Remote : Yes Link :...
Mozilla: Bypass of @namespace CSS sanitization during pasting
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
Critical: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Mozilla: CSS sanitization does not escape HTML tags
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer does not escape and characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently...
Mozilla: Bypass of @namespace CSS sanitization during pasting
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
CVE-2011-2670
CVE-2011-2670 affects Mozilla Firefox prior to 3.6. The vulnerability arises in the rendering of Cascading Style Sheets (CSS), enabling cross-site scripting (XSS). The impact per sources is arbitrary script execution in the affected browser. Affected product/version: Firefox
SUSE-SU-2020:0078-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR Fixed: Security fix MFSA 2020-03 bsc1160498 CVE-2019-17026 bmo1607443 IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR Fixe...
Error: The CSS expiry date in your license does not support this product version
After upgrading XenDesktop, error can be seen in Studio: "The Customer Success Services CSS expiry date in your license does not support this product version. This product version is not supported by licenses that are available on the License Server and connections cannot be made. Renew Customer...
EulerOS Virtualization for ARM 64 3.0.5.0 : libcroco (EulerOS-SA-2020-1076)
According to the versions of the libcroco package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The crparserparseselectorcore function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0068-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 68.4.1 ESR - Fixed: Security fix MFSA 2020-03 bsc1160498 - CVE-2019-17026 bmo1607443 IonMonkey type confusion with StoreElementHole and FallibleStoreElement Firefox Extended Support Release 68.4.0 ESR -...
MGASA-2020-0034 Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fix security vulnerabilities: Bypass of @namespace CSS sanitization during pasting CVE-2019-17016 Type Confusion in XPCVariant.cpp CVE-2019-17017 CSS sanitization does not escape HTML tags CVE-2019-17022 Memory safety bugs fixed in Thunderbird 68.4.1 CVE-2019-17024...
Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fix security vulnerabilities: Bypass of @namespace CSS sanitization during pasting CVE-2019-17016 Type Confusion in XPCVariant.cpp CVE-2019-17017 CSS sanitization does not escape HTML tags CVE-2019-17022 Memory safety bugs fixed in Thunderbird 68.4.1 CVE-2019-17024...
SUSE-SU-2020:14268-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR Fixed: Security fix MFSA 2020-03 bsc1160498 CVE-2019-17026 bmo1607443 IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR Fixe...
SUSE-SU-2020:0068-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR Fixed: Security fix MFSA 2020-03 bsc1160498 CVE-2019-17026 bmo1607443 IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR Fixe...
KLA11635 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code, perform cross-site scripting attack, bypass security restrictions. Below is a complete list of...
Mozilla Thunderbird < 68.4.1
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-04 advisory. - Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type...
MGASA-2020-0027 Updated firefox packages fix security vulnerability
When pasting a tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration CVE-2019-17016. Due to a missing case handling object types, a type confusion...
CVE-2019-17016
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
CVE-2019-17022
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer does not escape and characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently...
DEBIAN-CVE-2019-17022
When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer does not escape and characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently...