19 matches found
EUVD-2018-4365
Malware in sbrugna...
SUSE CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
openSUSE Security Update : MozillaThunderbird (openSUSE-2019-772)
This update for MozillaThunderbird fixes the following issues : Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852 : Security issues fixed MFSA 2018-28 : - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391:...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
Cross site scripting
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
CVE-2018-12391
CVE-2018-12391 affects Firefox for Android: during HTTP Live Stream playback, audio data can be accessed across origins due to a flaw in the underlying Android service. The vulnerability is addressed by treating all HLS streams as cross-origin and opaque. Affected products/versions include Firefo...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
SUSE-SU-2018:3769-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852: Security issues fixed MFSA 2018-28: - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391: Fix...
openSUSE Security Update : MozillaThunderbird (openSUSE-2018-1340)
This update for MozillaThunderbird fixes the following issues : Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852 : Security issues fixed MFSA 2018-28 : - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391:...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird fixes the following issues: Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852: Security issues fixed MFSA 2018-28: - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391: Fix...
KLA11342 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Vulnerability related to HTTP Live Stream can be exploited...
Security vulnerabilities fixed in Thunderbird ESR 60.3 — Mozilla
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
Mozilla Firefox < 63.0
The version of Firefox installed on the remote Windows host is prior to 63.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-26 advisory. - When manipulating user events in nested loops while opening a document through script, it is possible to trigger a...
Mozilla Firefox ESR < 60.3 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities : - During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the...
CVE-2018-12391
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin CVE-2018-12392: Crash with nested event loops CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript CVE-2018-12395: WebExtension bypass of domain restrictions through...
Security vulnerabilities fixed in Firefox ESR 60.3 — Mozilla
During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...