SUSE-SU-2024:2061-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Update to version 115.12.0 ESR bsc1226027 - CVE-2024-5702: Use-after-free in networking - CVE-2024-5688: Use-after-free in JavaScript object transplant - CVE-2024-5690: External protocol handlers leaked by timing attack - CVE-2024-5691:...

CVE-2024-5700

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 127, Firefox ESR...

RHEL 9 : thunderbird (RHSA-2024:2903)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2903 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fixes: firefox...

Fedora 37 : firefox (2023-4e191bea36)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4e191bea36 advisory. - Update to latest upstream 119.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Security Vulnerabilities fixed in Thunderbird 78.15

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Thunderbird 78.14...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:0259-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.7.0 ESR MFSA 2021-04, bsc1181414 - CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests - CVE-2021-23954: Fixed a type confusion when using logical assignment operators ...

Denial Of Service (DoS)

firefox is vulnerable to denial of service DoS. The vulnerability exists through memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5...

CVE-2018-12376

Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 62, Firefox ESR 60.2, and Thunderbird 60.2....

CVE-2017-5429

Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird...