Linux Distros Unpatched Vulnerability : CVE-2016-9074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services NSS 3.26.1. Th...

RHEL 7 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Insufficient timing side-channel resistance in divSpoiler CVE-2016-9074 - nss before version 3.30 is...

Mageia: Security Advisory (MGASA-2016-0379)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2016-89) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE: Security Advisory (SUSE-SU-2016:3080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3014-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in Mozilla Network Security Services (NSS) affects the IBM FlashSystem model V840

Summary There is a vulnerability in Mozilla NSS to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability CVE-2016-9074 could make the system susceptible to timing side-channel attacks which could be leveraged to allow launch of further attacks on the system Vulnerabili...

Security Bulletin: Vulnerability in Mozilla Network Security Services (NSS) affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Mozilla NSS to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of this vulnerability CVE-2016-9074 could make the system susceptible to timing side-channel attacks which could be leveraged to allow launch of further attacks on t...

CVE-2016-9074

An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services NSS 3.26.1. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

CVE-2016-9074

CVE-2016-9074: Mozilla NSS timing-side-channel mitigation is insufficient in some circumstances. Affects NSS-based components used by Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox

Debian DLA-759-1 : nss security update

Franziskus Kiefer reported that the existing mitigations for some timing side-channel attacks were insufficient: https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/CVE-201 6-9074 For Debian 7 'Wheezy', these problems have been fixed in version 2:3.26-1+debu7u2. We recommend that you...

[SECURITY] [DLA 759-1] nss security update

Package : nss Version : 2:3.26-1+debu7u2 CVE ID : CVE-2016-9074 Franziskus Kiefer reported that the existing mitigations for some timing side-channel attacks were insufficient: https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/CVE-2016-9074 For Debian 7 "Wheezy", these problems have...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2016:3105-1)

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 bsc1009026 : - CVE-2016-9079: Use-after-free in SVG Animation bsc1012964 MFSA 2016-92 - CVE-2016-5297: Incorrect argument length checking in JavaScript...

SUSE SLES11 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2016:3080-1)

This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5.1 bsc1009026 bsc1012964 : - CVE-2016-9079: Use-after-free in SVG Animation MFSA 2016-92 bsc1012964 - CVE-2016-5297: Incorrect argument length checking in...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3730-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3730-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 11, 2016 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3730-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for Mozilla Firefox, Thunderbird and NSS (important)

This update to Mozilla Firefox 50.0.2, Thunderbird 45.5.1 and NSS 3.16.2 fixes a number of security issues. The following vulnerabilities were fixed in Mozilla Firefox MFSA 2016-89: - CVE-2016-5296: Heap-buffer-overflow WRITE in rasterizeedges1 bmo1292443 - CVE-2016-5292: URL parsing causes crash...

Mozilla Firefox < 50.0 Multiple Vulnerabilities

The version of Mozilla Firefox installed on the remote Windows host is prior to 50.0. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user...

[SECURITY] [DSA 3716-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3716-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 16, 2016 https://www.debian.org/security/faq -...