Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2018-1189)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2018-1126)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for firefox (EulerOS-SA-2018-1125)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0136)

The remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

Privilege Escalation

Firefox is vulnerable to privilege escalation attacks. A remote attacker could exploit a flaw by manipulating the baseURI property of the theme element. This could cause lightweight themes to be installed without user interaction...

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2019-364)

This update for Mozilla Thunderbird to version 52.8 fixes the following issues : Security issues fixed MFSA 2018-13, boo1092548 : - CVE-2018-5183: Backport critical security fixes in Skia - CVE-2018-5154: Use-after-free with SVG animations and clip paths - CVE-2018-5155: Use-after-free with SVG...

CVE-2018-5168

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects...

Security feature bypass

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects...

CVE-2018-5168

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects...

CVE-2018-5168

CVE-2018-5168 is a vulnerability in Thunderbird and Firefox where an attacker can bypass permission checks by manipulating the baseURI of the theme element, enabling a user interaction-free installation of a theme that could contain offensive images. Affected products and versions per the records...

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150. Mozilla: Use-after-free with SVG animations and clip paths CVE-2018-5154. Mozilla: Use-after-free with SVG animations and text paths CVE-2018-5155. Mozill...

firefox security update

CentOS Errata and Security Advisory CESA-2018:1415 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : thunderbird (CESA-2018:1725)

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3660-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3660-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a...

RHEL 6 : thunderbird (RHSA-2018:1726)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:1726 advisory. - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Use-after-free with SVG animations and clip...

Mozilla: Lightweight themes can be installed without user interaction

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects...

Security update for Mozilla Thunderbird (important)

This update for Mozilla Thunderbird to version 52.8 fixes the following issues: Security issues fixed MFSA 2018-13, boo1092548: - CVE-2018-5183: Backport critical security fixes in Skia - CVE-2018-5154: Use-after-free with SVG animations and clip paths - CVE-2018-5155: Use-after-free with SVG...

Security fix for the ALT Linux 10 package thunderbird version 52.8.0-alt1

May 19, 2018 Andrey Cherepanov 52.8.0-alt1 - New version 52.8.0. - Enigmail 2.0.4. - Fixes: + CVE-2018-5183 Backport critical security fixes in Skia + CVE-2018-5184 Full plaintext recovery in S/MIME via chosen-ciphertext attack + CVE-2018-5154 Use-after-free with SVG animations and clip paths +...

USN-3645-2: Firefox regression

USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumsances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2018:1319-1)

This update for MozillaFirefox to ESR 52.8 release fixes the following issues: Update to Firefox ESR 52.8 bsc1092548 Security issues fixed : - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF...