78 matches found
Mageia: Security Advisory (MGASA-2020-0352)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2020-36) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0172)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger obje...
SUSE: Security Advisory (SUSE-SU-2020:2563-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:2544-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : thunderbird (CESA-2020:3634)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3634 advisory. - Mozilla: Attacker-induced prompt for extension installation CVE-2020-15664 - Mozilla: Use-After-Free when aborting an operation CVE-2020-15669 Note...
RHEL 8 : thunderbird (RHSA-2020:3633)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3633 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.12.0. Security Fixes: Mozilla:...
DEBIAN-CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
CVE-2020-15664
The CVE-2020-15664 issue arises from a malicious page holding a reference to eval() from an about:blank window, allowing access to InstallTrigger and prompting users to install an extension. Affected products include Firefox < 80, Thunderbird < 78.2/68.12, Firefox ESR < 68.12/78.2, and F...
CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
Amazon Linux 2 : thunderbird (ALAS-2020-1496)
The version of thunderbird installed on the remote host is prior to 68.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1496 advisory. By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.12.0 ESR + CVE-2020-15664) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-15664, CVE-2020-15663, CVE-2020-15669 Vulnerability Details CVEID: CVE-2020-15664 DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by an attacker induced prompt...
Oracle Linux 7 : thunderbird (ELSA-2020-3631)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3631 advisory. 68.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Build with rust-toolset 1.43 68.12.0-1 - Update...
thunderbird security update
CentOS Errata and Security Advisory CESA-2020:3643 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CentOS 7 : thunderbird (RHSA-2020:3631)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3631 advisory. - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object whi...
Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-256-01)
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-256-01. The text itself is copyright C Slackware Linu...
openSUSE Security Update : MozillaThunderbird (openSUSE-2020-1392)
This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird was updated to 68.12 bsc1175686 - CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege - CVE-2020-15664: Attacker-induced prompt for extension...
openSUSE Security Update : MozillaFirefox (openSUSE-2020-1391)
This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.2.0 ESR - Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 bsc1175686 - CVE-2020-15663 bmo1643199 Downgrade attack on the Mozilla Maintenance Servic...
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2020:1392-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...