24 matches found
OESA-2026-2394 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
Use of Low-Level Functionality
Overview Affected versions of this package are vulnerable to Use of Low-Level Functionality through improper validation of user-supplied input. An attacker can execute arbitrary code or compromise user data by enticing a victim to visit a malicious website. Remediation Upgrade Firefox to version...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the rendering process. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox to version 143.0 or higher. References -...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error via the rendering process. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox to version 143.0 or higher...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error via the rendering process. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox-ESR to version 140.3 or higher...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key through improper handling of web content. An attacker can execute arbitrary code or compromise user data by enticing a user to visit a specially crafted web page. Remediation Upgrade...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the rendering process. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox to version 143.0 or higher...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the processing of web content. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox to version 143.0 or higher...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via improper handling of certain web content. An attacker can execute arbitrary code or cause a denial of service by enticing a user to visit a specially crafted web page. Remediation Upgrade Firefox to...
OESA-2025-1718 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...
CentOS: Security Advisory for firefox (CESA-2020:5239)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Enhancement Advisory: nss, nss-softokn, nss-util and nspr bug fix and enhancement update
Updated nss, nss-softokn, nss-util and nspr packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6. Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20190327)
This update upgrades Firefox to version 60.6.1 ESR. Security Fixes : - Mozilla: IonMonkey MArraySlice has incorrect alias information CVE-2019-9810 - Mozilla: Ionmonkey type confusion with proto mutations CVE-2019-9813 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20181217)
This update upgrades Firefox to version 60.4.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 CVE-2018-12405 - Mozilla: Memory corruption in Angle CVE-2018-17466 - Mozilla: Use-after-free with select element CVE-2018-18492 - Mozilla: Buffer overflow i...
Oracle Linux 6 : firefox (ELSA-2018-3006)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2018-3006 advisory. 60.3.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.3.0-1 - Update to 60.3.0 ESR 60.2.2-...
Scientific Linux Security Update : firefox on SL7.x x86_64 (20181025)
This update upgrades Firefox to version 60.3.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390 - Mozilla: Crash with nested event loops CVE-2018-12392 - Mozilla: Integer overflow during Unicode conversion while loading JavaScript...
Oracle Linux 6 / 7 : firefox (ELSA-2017-1440)
From Red Hat Security Advisory 2017:1440 : An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which giv...
Firefox 39.03 - pdf.js Same Origin Policy Exploit
Exploit for multiple platform in category local exploits / Exploit Title: Firefox CVE-2015-4495 Test Run the index.html Make sure the main.js is in the same directory and we should be able to see the directory listing. 3. Solution Upgrade to the latest firefox 39.0.3 / var starttimeout=2000; var...
Mandriva Update for firefox MDVA-2012:048 (firefox)
Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVA-2012:048 firefox Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Mozilla Products Multiple Vulnerabilities - Dec 11 (MAC OS X)
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsmultvulnmacosxdec11.nasl 7044 2017-09-01 11:50:59Z teissa $ Mozilla Products Multiple Vulnerabilities - Dec 11 MAC OS X Authors: Madhuri D...