Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

Astra Linux – Vulnerability in Thunderbird

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106...

Astra Linux - уязвимость в firefox

By using iterative requests, an attacker was able to determine the size of an opaque response, as well as the contents of a Vary header provided by the server. This vulnerability affects Firefox versions earlier than 119...

Astra Linux - уязвимость в firefox

When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox versions 123...

Astra Linux - уязвимость в firefox

The incorrect object was checked as NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox versions earlier than 123...

Astra Linux - уязвимость в firefox

GNOME was leaking browser tab titles into system logs. This could potentially expose users’ browsing habits when they are using private tabs. This vulnerability affects Firefox versions earlier than 121...

Astra Linux - уязвимость в firefox, thunderbird

A type checking bug could have resulted in invalid code being compiled. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 119. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 120...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 缓冲区错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 资源管理错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

Astra Linux – Vulnerability in Firefox

Under unusual circumstances, an individual thread may survive the termination of its manager during shutdown. This could lead to a use-after-free condition, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 98...

Astra Linux – Vulnerability in Firefox

Firefox’s HTML parser did not correctly interpret HTML comment tags, leading to inconsistencies with other browsers. This vulnerability could have been exploited to embed user-controlled data within HTML comments on pages. This issue affects Firefox versions prior to 101...

Astra Linux – Vulnerability in Firefox, Thunderbird

Mozilla developers and community members reported memory safety bugs in Firefox 93 and Firefox ESR 91.2. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability...

Astra Linux – Vulnerability in Firefox and Thunderbird

When Responsive Design Mode was enabled, it used references to objects that had previously been freed. We assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Astra Linux – Vulnerability in Firefox and Thunderbird

The WebAssembly JIT might miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Astra Linux – Vulnerability in Firefox

By using XSL Transforms, a malicious webserver could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox versions earlier than 97...

Astra Linux – Vulnerability in Firefox

When using the Performance API, attackers were able to detect subtle differences between PerformanceEntries, thereby determining whether the target URL had undergone a redirect. This vulnerability affects Firefox 103...

Astra Linux – Vulnerability in Firefox

If an attacker loads a font using FontFace on a background worker, a use-after-free might occur, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 107...