5125 matches found
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
PT-2023-4804 · Ckeditor4 +3 · Ckeditor4 +3
Name of the Vulnerable Software and Affected Versions: CKEditor4 versions prior to 4.21.0 Description: A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages in CKEditor4. The vulnerability may trigger a JavaScript code after fulfilling special...
ALSA-2023:1407 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 CVE-2023-28176 Mozill...
Oracle Linux 7 : thunderbird (ELSA-2023-1401)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1401 advisory. 102.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.9.0-1 - Update to...
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
Debian dla-3365 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3365 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3365-1 [email protected]...
Oracle Linux 9 : firefox (ELSA-2023-1337)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1337 advisory. 102.9.0-3.0.1 - Updated homepages to use https Orabug: 34648274 102.9.0-3 - Update to 102.9.0 build2 102.9.0-2 - removed disable-openh264-download...
Oracle Linux 7 : firefox (ELSA-2023-1333)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1333 advisory. 102.9.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...
Information Disclosure
firefox-esr is vulnerable to Information Disclosure. The vulnerability that exists when dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0763-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0763-1 advisory. Update to version 102.9.0 ESR bsc1209173: - CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on...
SUSE CVE-2023-28164
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
CVE-2023-28164
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
UBUNTU-CVE-2023-28164
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...
Mozilla Thunderbird < 102.9
The version of Thunderbird installed on the remote Windows host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs...
Mozilla Thunderbird < 102.9
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety...