MiracleLinux 4 : firefox-45.5.0-1.0.1.AXS4 (AXSA:2016-951:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-951:09 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 7 : firefox-45.5.0-1.0.1.el7.AXS7 (AXSA:2016-946:08)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-946:08 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

Mageia: Security Advisory (MGASA-2016-0409)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0379)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2016-89) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE: Security Advisory (SUSE-SU-2016:3080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3014-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2016-1085)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-9066

CVE-2016-9066 is a Mozilla Firefox-related issue. IBM notes it as a buffer/ memory-safety problem in Firefox shipped with IBM SONAS; root cause described as a buffer overflow due to an integer overflow in nsScriptLoadHandler. Affected products include Thunderbird <45.5, Firefox ESR <45.5, a...

CVE-2016-9066

A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

Firefox Integer overflow leading to a buffer overflow in nsScriptLoadHandler (CVE-2016-9066)

This post will explore how CVE-2016-9066, a simple but quite interesting from an exploitation perspective vulnerability in Firefox, can be exploited to gain code execution. tl;dr an integer overflow in the code responsible for loading script tags leads to an out-of-bounds write past the end of an...

Firefox Integer overflow leading to a buffer overflow in nsScriptLoadHandler (CVE-2016-9066)

This post will explore how CVE-2016-9066, a simple but quite interesting from an exploitation perspective vulnerability in Firefox, can be exploited to gain code execution. tl;dr an integer overflow in the code responsible for loading script tags leads to an out-of-bounds write past the end of an...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2016:3105-1)

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 bsc1009026 : - CVE-2016-9079: Use-after-free in SVG Animation bsc1012964 MFSA 2016-92 - CVE-2016-5297: Incorrect argument length checking in JavaScript...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2016:3080-1)

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 bsc1009026 bsc1012964 : - CVE-2016-9079: Use-after-free in SVG Animation MFSA 2016-92 bsc1012964 - CVE-2016-5297: Incorrect argument length checking in...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3730-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : Mozilla Firefox / Thunderbird and NSS (openSUSE-2016-1407)

This update to Mozilla Firefox 50.0.2, Thunderbird 45.5.1 and NSS 3.16.2 fixes a number of security issues. The following vulnerabilities were fixed in Mozilla Firefox MFSA 2016-89 : - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterizeedges1 bmo1292443 - CVE-2016-5292: URL parsing causes cras...

Security update for Mozilla Firefox, Thunderbird and NSS (important)

This update to Mozilla Firefox 50.0.2, Thunderbird 45.5.1 and NSS 3.16.2 fixes a number of security issues. The following vulnerabilities were fixed in Mozilla Firefox MFSA 2016-89: - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterizeedges1 bmo1292443 - CVE-2016-5292: URL parsing causes crash...

USN-3141-1: Thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...