57 matches found
MiracleLinux 7 : firefox-68.5.0-2.0.1.el7.AXS7 (AXSA:2020-4469:04)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4469:04 advisory. Mozilla: Missing bounds check on shared memory read in the parent process CVE-2020-6796 Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox...
Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4278-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4278-2 advisory. USN-4278-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Tenable has extracted the preceding...
Oracle Linux 6 : firefox (ELSA-2020-0521)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0521 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Oracle Linux 8 : thunderbird (ELSA-2020-0577)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0577 advisory. 68.5.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1 Tenable ha...
Slackware: Security Advisory (SSA:2020-042-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0091)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0090)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0383-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2020-0026)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This...
Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud App Management
Summary There are multiple vulnerabilities in Mozilla Firefox used by IBM® Cloud App Management. IBM Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2020-6796 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrar...
Ubuntu: Security Advisory (USN-4335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : Thunderbird vulnerabilities (USN-4328-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4328-1 advisory. It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information...
Ubuntu: Security Advisory (USN-4328-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.5.0 ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF10 + ICAM 3.0 - 4.0
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-6796, CVE-2020-6800, CVE-2020-6798 Vulnerability Details CVEID: CVE-2020-6796 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write...
Amazon Linux 2 : thunderbird (ALAS-2020-1408)
The version of thunderbird installed on the remote host is prior to 68.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1408 advisory. When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents...
CVE-2020-6798
CVE-2020-6798 involves incorrect parsing when a template tag is used inside a select tag, enabling JavaScript injection under browser-like contexts. The vulnerability affects Thunderbird versions prior to 68.5 (and Firefox before 73 / ESR 68.5); exploitation is discussed in the context of cross-s...
CVE-2020-6798
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be...
CentOS 6 : thunderbird (RHSA-2020:0574)
The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0574 advisory. - When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects...