22 matches found
MiracleLinux 7 : firefox-52.5.1-1.0.1.el7.AXS7 (AXSA:2017-2477:08)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2477:08 advisory. A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting...
Debian: Security Advisory (DLA-1202-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0448)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0018)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2017-27) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2017-1326)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2017-1327)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7843
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not...
CVE-2017-7843
Summary (CVE-2017-7843) : In Firefox, Private Browsing mode could be exploited by a web worker to persist data in IndexedDB, enabling cross-session fingerprinting. Affected are Firefox ESR versions older than 52.5.2 and Firefox versions older than 57.0.1. The root cause is that IndexedDB remains ...
CVE-2017-7843
When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not...
Updated iceape packages fix security vulnerabilities
Updated iceape packages include security fixes from upstream Seamonkey and Firefox: Multiple flaws were found in the way Iceape 2.48 processes various types of web content, where loading a web page containing malicious content could cause Iceape to crash, execute arbitrary code, or disclose...
EulerOS 2.0 SP2 : firefox (EulerOS-SA-2017-1327)
According to the version of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared wh...
EulerOS 2.0 SP1 : firefox (EulerOS-SA-2017-1326)
According to the version of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared wh...
openSUSE Security Update : MozillaFirefox (openSUSE-2017-1366)
This update for MozillaFirefox to 52.5.2esr fixes the following issue : - CVE-2017-7843: Web worker in Private Browsing mode can write IndexedDB data boo1072034, bmo1410106, MFSA 2017-28 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
Debian DSA-4062-1 : firefox-esr - security update
It was discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 4062-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4062-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2017 https://www.debian.org/security/faq -...
Security fix for the ALT Linux 10 package firefox-esr version 52.5.2-alt1
Dec. 10, 2017 Andrey Cherepanov 52.5.2-alt1 - New ESR version 52.5.2 - Fixes: + CVE-2017-7843 Web worker in Private Browsing mode can write IndexedDB data - Build with DBUS support ALT 34302...
Debian: Security Advisory (DSA-4062-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA11153 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service and obtain sensitive information. 1. A buffer overflow vulnerability in Direct 3D 9 component can be exploited remotely to cause denial of service; 2. ...
firefox security update
CentOS Errata and Security Advisory CESA-2017:3382 An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score,...