Linux Distros Unpatched Vulnerability : CVE-2020-6822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort...

Oracle Linux 6 : firefox (ELSA-2020-1429)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-1429 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Mageia: Security Advisory (MGASA-2020-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2020-12) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14339-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14339-1 advisory. - When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the...

CentOS 8 : thunderbird (CESA-2020:1495)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:1495 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6819 - Mozilla: Use-after-free when handling a ReadableStream CVE-2020-6820 ...

CentOS 8 : firefox (CESA-2020:1406)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:1406 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6821 - Mozilla: Out of bounds write in GMPDecodeData...

thunderbird security update

CentOS Errata and Security Advisory CESA-2020:1488 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2020-6822

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.7.0, Firefox ESR 68.7, and Firefox 75...

Out-of-bounds

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.7.0, Firefox ESR 68.7, and Firefox 75...

CVE-2020-6822

CVE-2020-6822 is an out-of-bounds write in GMPDecodeData when processing images larger than 4 GB on 32-bit builds, potentially allowing arbitrary code execution. Affected products include Thunderbird and Firefox (Thunderbird < 68.7.0, Firefox ESR < 68.7, Firefox

CVE-2020-6822

On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.7.0, Firefox ESR 68.7, and Firefox 75...

Oracle Linux 7 : thunderbird (ELSA-2020-1489)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-1489 advisory. 68.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.7.0-1 - Update to 68.7.0 build1 Tenable has...

Mozilla: Out of bounds write in GMPDecodeData when processing large images

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...

Mozilla: Out of bounds write in GMPDecodeData when processing large images

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...

RHEL 8 : thunderbird (RHSA-2020:1496)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1496 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Security Fixes: Mozilla:...

RHEL 7 : thunderbird (RHSA-2020:1489)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1489 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Security Fixes: Mozilla:...

Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Use-after-free while running the nsDocShell destructor. CVE-2020-6819 Use-after-free when handling a ReadableStream. CVE-2020-6820 Uninitialized memory could be read when using the WebGL copyTexSubImage method. CVE-2020-6821 Out of bounds write i...

Mozilla: Out of bounds write in GMPDecodeData when processing large images

The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code...

openSUSE Security Update : MozillaFirefox (openSUSE-2020-493)

This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues : - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method bsc1168874. - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images bsc1168874. -...