61 matches found
MiracleLinux 7 : firefox-68.5.0-2.0.1.el7.AXS7 (AXSA:2020-4469:04)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4469:04 advisory. Mozilla: Missing bounds check on shared memory read in the parent process CVE-2020-6796 Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox...
Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4278-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4278-2 advisory. USN-4278-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Tenable has extracted the preceding...
Oracle Linux 8 : thunderbird (ELSA-2020-0577)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0577 advisory. 68.5.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.5.0-1 - Update to 68.5.0 build1 Tenable ha...
Oracle Linux 6 : firefox (ELSA-2020-0521)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0521 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Slackware: Security Advisory (SSA:2020-042-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0090)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0091)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14290-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0383-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2020-0026)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This...
Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud App Management
Summary There are multiple vulnerabilities in Mozilla Firefox used by IBM® Cloud App Management. IBM Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2020-6796 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrar...
Ubuntu: Security Advisory (USN-4335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : Thunderbird vulnerabilities (USN-4328-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4328-1 advisory. It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information...
Ubuntu: Security Advisory (USN-4328-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4328-1: Thunderbird vulnerabilities
It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. CVE-2020-6792 Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.5.0 ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF10 + ICAM 3.0 - 4.0
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-6796, CVE-2020-6800, CVE-2020-6798 Vulnerability Details CVEID: CVE-2020-6796 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write...
Amazon Linux 2 : thunderbird (ALAS-2020-1408)
The version of thunderbird installed on the remote host is prior to 68.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1408 advisory. When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents...
CVE-2020-6800
CVE-2020-6800 involves memory safety bugs identified in Firefox 72 and Firefox ESR 68.4, with potential to corrupt memory and enable arbitrary code execution in browser-like contexts. Affected products include Thunderbird and Firefox versions older than 68.5/73 respectively (Thunderbird < 68.5...
CVE-2020-6800
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws...