CentOS 8 : firefox (CESA-2021:1360)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1360 advisory. - Mozilla: More internal network hosts could have been probed by a malicious webpage CVE-2021-23961 - Mozilla: Out of bound write due to lazy...

Updated firefox packages fix security vulnerabilities

More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...

Updated thunderbird packages fix security vulnerabilities

More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...

MGASA-2021-0199 Updated firefox packages fix security vulnerabilities

More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...

SUSE-SU-2021:1325-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR bsc1184960 CVE-2021-23994: Out of bound write due to lazy initialization CVE-2021-23995: Use-after-free in Responsive Design Mode CVE-2021-23998: Secure Lock icon could have been spoofed CVE-2021-23961...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:1307-1)

This update for MozillaFirefox fixes the following issues : Firefox was updated to 78.10.0 ESR bsc1184960 - CVE-2021-23994: Out of bound write due to lazy initialization - CVE-2021-23995: Use-after-free in Responsive Design Mode - CVE-2021-23998: Secure Lock icon could have been spoofed -...

CentOS 8 : thunderbird (CESA-2021:1353)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:1353 advisory. - Mozilla: More internal network hosts could have been probed by a malicious webpage CVE-2021-23961 - Mozilla: Out of bound write due to lazy...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Security fix for the ALT Linux 10 package thunderbird version 78.10.0-alt1

April 26, 2021 Andrey Cherepanov 78.10.0-alt1 - New version 78.10.0. - Security fixes: + CVE-2021-23994 Out of bound write due to lazy initialization + CVE-2021-23995 Use-after-free in Responsive Design Mode + CVE-2021-23998 Secure Lock icon could have been spoofed + CVE-2021-23961 More internal...

RHEL 8 : firefox (RHSA-2021:1361)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1361 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

SUSE-SU-2021:1307-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR bsc1184960 CVE-2021-23994: Out of bound write due to lazy initialization CVE-2021-23995: Use-after-free in Responsive Design Mode CVE-2021-23998: Secure Lock icon could have been spoofed CVE-2021-23961...

Multiple MacOS X security vulnerabilities

Apple Type Services server font processing buffer overflow. ftpd may allow arbitrary users to determine account name validity. CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI. Security Framework Secure Transport may not negotiate the best cipher available. PPP driv...

FTP Internet Access Manager <= 1.2 Command Execution Exploit

No description provided by source. !usr/bin/perl FTP Internet Access Manager Command Exploit ---------------------------------------------- Infam0us Gr0up - Securiti Research Info: infamous.2hell.com Vendor URL: www.softfolder.com/internetaccessmanager.html use IO::Socket; if @ARGV != 4 print "\n...

[SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 631-1 [email protected] http://www.debian.org/security/ Martin Schulze January 10th, 2005 http://www.debian.org/security/faq -...

CVE-2004-1165

Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline "%0a" before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command...

CVE-2004-1165

Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline "%0a" before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command...

Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution

Microsoft Internet Explorer 5.0.1 - FTP URI Arbitrary FTP Server Command Execution source: https://www.securityfocus.com/bid/11826/info Microsoft Internet Explorer is reported prone to an arbitrary FTP server command-execution vulnerability. This issue is due to the application's failure to...