19 matches found
SUSE CVE-2021-29951
The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also...
Mozilla Firefox Security Advisory (MFSA2021-10) - Windows
This host is missing a security update for Mozilla Firefox. This VT has been deprecated as a duplicate of the VT SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2021:1854-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-29951
CVE-2021-29951 involves the Mozilla Maintenance Service granting SERVICE_START access to BUILTIN|Users, enabling domain users to start/stop the browser update service. Affected: Windows systems older than Windows 10 build 1709; Firefox prior to 87 and Firefox ESR prior to 78.10.1, Thunderbird pri...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2021:0858-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES11: MozillaFirefox / MozillaFirefox-translations-common / etc (SUSE-SU-2021:14743-1)
The remote SUSE Linux SLES11 / SLESSAP11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14743-1 advisory. Firefox Extended Support Release 78.11.0 ESR bsc1186696 CVE-2021-29964: Out of bounds-read when parsing a WMCOPYDATA message...
openSUSE Security Update : MozillaFirefox (openSUSE-2021-858)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.11.0 ESR bsc1186696 - CVE-2021-29964: Out of bounds-read when parsing a WMCOPYDATA message - CVE-2021-29967: Memory safety bugs fixed in Firefox This update was imported from the SUSE:SLE-15-SP2:Update...
SUSE: Security Advisory (SUSE-SU-2021:1884-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2021:1884-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1884-1 advisory. Firefox Extended Support Release 78.11.0 ESR bsc1186696 CVE-2021-29964: Out of bounds-read when parsing a WMCOPYDATA message...
SUSE SLED12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2021:1886-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1886-1 advisory. Firefox Extended Support Release 78.11.0 ESR bsc1186696 CVE-2021-29964: Out of bounds-read when parsing a WMCOPYDATA messa...
SUSE: Security Advisory (SUSE-SU-2021:14743-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package firefox-esr version 78.10.1-alt1
May 5, 2021 Andrey Cherepanov 78.10.1-alt1 - New version 78.10.1. - Security fixes: + CVE-2021-29951 Mozilla Maintenance Service could have been started or stopped by domain users...
Security fix for the ALT Linux 10 package thunderbird version 78.10.1-alt1
May 5, 2021 Andrey Cherepanov 78.10.1-alt1 - New version 78.10.1. - Security fixes: + CVE-2021-29951 Thunderbird Maintenance Service could have been started or stopped by domain users - Do not build for ppc64le...
KLA12162 DoS vulnerability in Mozilla Firefox ESR
A denial of service vulnerability was found in Mozilla Firefox ESR. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2021-18 Related products Mozilla-Firefox-ESR CVE list CVE-2021-29951 high Solution Update to the latest version Download Firefox E...
Mozilla Firefox ESR < 78.10.1
"The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.10.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-18 advisory. - The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grant...
Mozilla Firefox ESR < 78.10.1
"The version of Firefox ESR installed on the remote Windows host is prior to 78.10.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-18 advisory. - The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal...
Mozilla Thunderbird < 78.10.1
"The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.10.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-19 advisory. - The Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal...
Mozilla Thunderbird < 78.10.1
"The version of Thunderbird installed on the remote Windows host is prior to 78.10.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-19 advisory. - The Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote...
KLA12163 DoS vulnerability in Mozilla Thunderbird
A denial of service vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2021-19 Related products Mozilla-Thunderbird CVE list CVE-2021-29951 high Solution Update to the latest version Download Thunderbi...