EUVD-2019-19174

Malware in sbrugna...

EUVD-2012-0482

Malware in sbrugna...

CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2019:2260-1 Rating: important References: 1109465 1117473 1123482 1124525 1133810 1138688 1140868 1141322 1145665 1149292 1149293 1149294 1149295 1149296 1149297 1149298 1149299 1149302 1149303 1149304 11493...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2019:2251-1 Rating: important References: 1109465 1117473 1123482 1124525 1133810 1138688 1140868 1141322 1145665 1149292 1149293 1149294 1149295 1149296 1149297 1149298 1149299 1149302 1149303 1149304 11493...

Mozilla: Sandbox escape through Firefox Sync

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

Mozilla: Sandbox escape through Firefox Sync

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

Security fix for the ALT Linux 10 package firefox-esr version 68.1.0-alt1

Sept. 4, 2019 Andrey Cherepanov 68.1.0-alt1 - New ESR version 68.1.0. - Fixed: + CVE-2019-11751 Malicious code execution through command line parameters + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML +...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11751: Malicious code execution through command line parameters CVE-2019-11746: Use-after-free while manipulating video CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11742: Same-origin policy violation with SVG...

Security vulnerabilities fixed in Firefox ESR 60.9 — Mozilla

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. Some HTML elements, such as and , can contain literal angle brackets without treating them as markup. It is possible to pass a liter...

thunderbird security update

31.2.0-3.0.1.el65 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 31.2.0-3 - Enabled jemalloc on ppc64 and s390x 31.2.0-2 - Update to 31.2.0 31.1.1-2 - Sync preferences with Firefox 31.1.1-1 - Update to 31.1.1 31.1.0-1 - Update to 31.1.0 31.0-1 - Rebase to ...

Mozilla Firefox < 10.0 Multiple Vulnerabilities

Binary data 6306.prm...

SuSE 11.1 Security Update : MozillaFirefox (SAT Patch Number 5754)

This update provides Mozilla Firefox 10, which provides many fixes, security and feature enhancements. For a detailed list, please have a look at http://www.mozilla.org/en-US/firefox/10.0/releasenotes/ and http://www.mozilla.org/de/firefox/features/ The following security issues have been fixed i...

Ubuntu Update for ubufox USN-1355-3

Ubuntu Update for Linux kernel vulnerabilities USN-1355-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN13553.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ubufox USN-1355-3 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1355-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-0450

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations...

Code injection

Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations...