350 matches found
Mozilla: Failure to update user input timestamp
The Mozilla Foundation Security Advisory describes this flaw as: It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load...
RHEL 9 : firefox (RHSA-2024:0604)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0604 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Debian dsa-5606 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5606 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5606...
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
Mozilla: Queued up rendering could have allowed websites to clickjack
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...
Mozilla: Queued up rendering could have allowed websites to clickjack
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...
Mozilla: Queued up rendering could have allowed websites to clickjack
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: Certain browser prompts and dialogs could be activated or dismissed unintentionally by the user due to an insufficient activation delay...
USN-6456-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5722, CVE-2023-5724,...
RHEL 8 : thunderbird (RHSA-2023:6194)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6194 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.4.1. Security Fixes: Mozilla:...
RHEL 8 : firefox (RHSA-2023:6187)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6187 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2023-5721
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...
CVE-2023-5721
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...
CVE-2023-5721
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...
CVE-2023-5721
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...
PT-2023-24964 · Microsoft · Windows 10
Name of the Vulnerable Software and Affected Versions: KioWare for Windows versions through 8.33 Description: The issue is related to an incomplete blacklist filter for blocked dialog boxes on Windows 10, allowing attackers to open a file dialog box via the showDirectoryPicker function. This can...
Oracle Linux 8 : thunderbird (ELSA-2023-3588)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3588 advisory. 102.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.12.0-1 - Update to 102.12.0 build1 Tenable h...
ASB-A-175190844
In multiple buttons of grantpermissions.xml, there is a possible way to bypass permissions dialogs due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
SUSE CVE-2004-0909
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then...