13 matches found
openSUSE Security Update : MozillaThunderbird (openSUSE-2019-772)
This update for MozillaThunderbird fixes the following issues : Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852 : Security issues fixed MFSA 2018-28 : - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391:...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
CVE-2018-12391
CVE-2018-12391 affects Firefox for Android: during HTTP Live Stream playback, audio data can be accessed across origins due to a flaw in the underlying Android service. The vulnerability is addressed by treating all HLS streams as cross-origin and opaque. Affected products/versions include Firefo...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
openSUSE Security Update : MozillaThunderbird (openSUSE-2018-1340)
This update for MozillaThunderbird fixes the following issues : Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852 : Security issues fixed MFSA 2018-28 : - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391:...
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2018:3646-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security fix for the ALT Linux 10 package thunderbird version 60.3.0-alt1
Nov. 2, 2018 Andrey Cherepanov 60.3.0-alt1 - New version 60.3.0. - Fixes: + CVE-2018-12391 HTTP Live Stream audio data is accessible cross-origin + CVE-2018-12392 Crash with nested event loops + CVE-2018-12393 Integer overflow during Unicode conversion while loading JavaScript + CVE-2018-12389...
Mozilla Thunderbird < 60.3
The version of Thunderbird installed on the remote Windows host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-28 advisory. - When manipulating user events in nested loops while opening a document through script, it is possible to trigger a...
Mozilla Firefox < 63 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox installed on the remote macOS host is prior to 63. It is, therefore, affected by multiple vulnerabilities : - During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is...
Mozilla Firefox ESR < 60.3 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities : - During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the...
FreeBSD : mozilla -- multiple vulnerabilities (7c3a02b9-3273-4426-a0ba-f90fad2ff72e)
Mozilla Foundation reports : CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin CVE-2018-12392: Crash with nested event loops CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript CVE-2018-12395: WebExtension bypass of domain restrictions through...
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...
Security fix for the ALT Linux 10 package firefox-esr version 60.3.0-alt1
Oct. 23, 2018 Andrey Cherepanov 60.3.0-alt1 - New ESR version 60.3.0. - Fixed: + CVE-2018-12391 HTTP Live Stream audio data is accessible cross-origin + CVE-2018-12392 Crash with nested event loops + CVE-2018-12393 Integer overflow during Unicode conversion while loading JavaScript + CVE-2018-123...