Lucene search
K

75 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : firefox-60.7.2-1.0.1.AXS4 (AXSA:2019-3914:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3914:03 advisory. Security Fix - CVE-2019-11707, CVE-2019-11708 CVE CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the...

10CVSS8.2AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.23 views

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4032-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4032-1 advisory. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined...

10CVSS9AI score0.55874EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2019-0202)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS10AI score0.55874EPSS
Exploits10References7
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.13 views

Mozilla Firefox Security Advisory (MFSA2019-19) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

10CVSS9.8AI score0.55874EPSS
Exploits10References5
GithubExploit
GithubExploit
added 2021/09/08 2:38 p.m.990 views

Exploit for Type Confusion in Mozilla Firefox

Exploit chain for CVE-2019-9791 & CVE-2019-11708 against Firef...

10CVSS9.4AI score0.55874EPSS
Exploits15
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2019:1682-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS10AI score0.55874EPSS
Exploits10References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:1684-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS10AI score0.55874EPSS
Exploits10References6
Tenable Nessus
Tenable Nessus
added 2020/03/11 12:0 a.m.39 views

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0017)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process...

10CVSS8.8AI score0.55874EPSS
Exploits22References32
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.39 views

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2019:1595-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS10AI score0.55874EPSS
Exploits10References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.33 views

Security Bulletin: One vulnerability of Mozzila Firefox (less than Firefox 60.7.2 ESR) has affected Synthetic Playback Agent 8.1.4.0 - 8.1.4 IF07

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2019-11708 Vulnerability Details CVEID: CVE-2019-11708 DESCRIPTION: Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

10CVSS0.8AI score0.55874EPSS
Exploits10Affected Software1
GithubExploit
GithubExploit
added 2019/09/29 7:8 a.m.178 views

Exploit for Improper Input Validation in Mozilla Firefox

Full chain exploit for CVE-2019-11708 & CVE-2019-9810 This is...

10CVSS9.5AI score0.55874EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.55 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0164)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

10CVSS8.5AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.32 views

Oracle Linux 8 : firefox (ELSA-2019-1696)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-1696 advisory. 60.7.2-3.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.7.2-3.0.1 Add firefox-oracle-default-prefs.js and remove the correspondin...

10CVSS8.3AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2019/07/24 12:0 a.m.42 views

Amazon Linux 2 : thunderbird (ALAS-2019-1250)

libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 libical: Type confusion in icaltimezonegetvtimezoneproperties function in icalproperty.c CVE-2019-11706 Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 libical: Stack buffer overflow in icalrecuraddbydayrules...

10CVSS8.2AI score0.55874EPSS
Exploits28References7
Vulnrichment
Vulnrichment
added 2019/07/23 1:20 p.m.5 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

7.1AI score0.55874EPSS
Exploits10References5
CVE
CVE
added 2019/07/23 1:20 p.m.1354 views

CVE-2019-11708

CVE-2019-11708 is a sandbox-escape vulnerability in Mozilla Firefox ESR and Thunderbird caused by insufficient vetting of parameters in the Prompt:Open IPC message between child and parent processes, allowing a compromised child to cause the non-sandboxed parent to open web content and potentiall...

10CVSS9.2AI score0.55874EPSS
In wildExploits10References6Affected Software2
AlpineLinux
AlpineLinux
added 2019/07/23 1:20 p.m.62 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS9.5AI score0.55874EPSS
Exploits10
ATTACKERKB
ATTACKERKB
added 2019/07/23 12:0 a.m.35 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS0.4AI score0.55874EPSS
In wildExploits10References6
OSV
OSV
added 2019/07/17 11:52 a.m.6 views

SUSE-SU-2019:14124-1 Security update for MozillaFirefox

This update for MozillaFirefox to version ESR 60.8 fixes the following issues: Security issues fixed: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. - CVE-2019-11712:...

10CVSS8.6AI score0.55874EPSS
Exploits16References17
OpenVAS
OpenVAS
added 2019/07/03 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-4045-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.8AI score0.55874EPSS
Exploits14References4
Rows per page
Query Builder