Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.23 views

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4032-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4032-1 advisory. It was discovered that a sandboxed child process could open arbitrary web content in the parent process via the Prompt:Open IPC message. When combined...

10CVSS9AI score0.55874EPSS
Exploits10References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2020-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.9AI score0.55874EPSS
Exploits14References7
RedhatCVE
RedhatCVE
added 2020/04/01 8:10 a.m.39 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS4.2AI score0.55874EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2020/03/11 12:0 a.m.41 views

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0017)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process...

10CVSS8.8AI score0.55874EPSS
Exploits22References32
Tenable Nessus
Tenable Nessus
added 2020/03/11 12:0 a.m.36 views

NewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0022)

The remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent proces...

10CVSS8.9AI score0.55874EPSS
Exploits37References36
Mageia
Mageia
added 2020/01/05 3:37 p.m.56 views

Updated mozjs60 packages fix security vulnerability

The updated packages fix security vulnerabilities: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox...

10CVSS1.6AI score0.55874EPSS
Exploits14References3
OSV
OSV
added 2020/01/05 3:37 p.m.8 views

MGASA-2020-0009 Updated mozjs60 packages fix security vulnerability

The updated packages fix security vulnerabilities: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox...

10CVSS9.1AI score0.55874EPSS
Exploits14References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.33 views

Security Bulletin: One vulnerability of Mozzila Firefox (less than Firefox 60.7.2 ESR) has affected Synthetic Playback Agent 8.1.4.0 - 8.1.4 IF07

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2019-11708 Vulnerability Details CVEID: CVE-2019-11708 DESCRIPTION: Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

10CVSS0.8AI score0.55874EPSS
Exploits10Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.55 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0164)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

10CVSS8.5AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.34 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2019-0161)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed paren...

10CVSS8.5AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.40 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0163)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

10CVSS8.7AI score0.55874EPSS
Exploits28References7
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.38 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0160)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

10CVSS8.7AI score0.55874EPSS
Exploits28References7
Prion
Prion
added 2019/07/23 2:15 p.m.27 views

Design/Logic Flaw

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS9.2AI score0.55874EPSS
Exploits10References5Affected Software3
Vulnrichment
Vulnrichment
added 2019/07/23 1:20 p.m.5 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

7.1AI score0.55874EPSS
Exploits10References5
CVE
CVE
added 2019/07/23 1:20 p.m.1354 views

CVE-2019-11708

CVE-2019-11708 is a sandbox-escape vulnerability in Mozilla Firefox ESR and Thunderbird caused by insufficient vetting of parameters in the Prompt:Open IPC message between child and parent processes, allowing a compromised child to cause the non-sandboxed parent to open web content and potentiall...

10CVSS9.2AI score0.55874EPSS
In wildExploits10References6Affected Software2
Veracode
Veracode
added 2019/07/01 12:15 a.m.31 views

Arbitrary Code Execution

firefox/thunderbird is vulnerable to arbitrary code execution. Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with...

10CVSS9.7AI score0.55874EPSS
Exploits10References9Affected Software2
UbuntuCve
UbuntuCve
added 2019/06/21 12:0 a.m.40 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS7.4AI score0.55874EPSS
Exploits10References5
Kaspersky
Kaspersky
added 2019/06/20 12:0 a.m.38 views

KLA11505 Incorrect parameters parsing vulnerability in Mozilla Firefox ESR

Vulnerability, related to insufficient vetting of parameters passed with the Prompt:Open IPC message was found in Mozilla Firefox. Malicious users can exploit this vulnerability via specially designed website to bypass security restrictions. Original advisories mfsa2019-19 Related products...

10CVSS9.2AI score0.55874EPSS
Exploits10References3
Kaspersky
Kaspersky
added 2019/06/20 12:0 a.m.48 views

KLA11510 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability related to JavaScript objects can be exploited to cause...

10CVSS9.7AI score0.55874EPSS
Exploits14References4
Kaspersky
Kaspersky
added 2019/06/20 12:0 a.m.50 views

KLA11504 Incorrect parameters parsing vulnerability in Mozilla Firefox

Vulnerability, related to insufficient vetting of parameters passed with the Prompt:Open IPC message was found in Mozilla Firefox. Malicious users can exploit this vulnerability via specially designed website to bypass security restrictions. Original advisories - Related products Mozilla-Firefox...

10CVSS9.2AI score0.55874EPSS
Exploits10References2
Rows per page
Query Builder