Astra Linux - уязвимость в firefox, thunderbird

A missing delay in the timing of the pointer lock mechanism could have allowed a malicious page to trick users into granting permissions. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

Linux Distros Unpatched Vulnerability : CVE-2024-27047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: phy: fix phygetinternaldelay accessing an empty array The phygetinternaldelay function...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

SUSE CVE-2024-9397

A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9397

A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

CVE-2024-9397

A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions...

Permissions Bypass

thunderbird is vulnerable to a Permissions Bypass. The vulnerability is due to a missing delay on pointer lock usage, allowing a malicious page to deceive users into granting permissions...

RHEL 8 : thunderbird (RHSA-2024:1499)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1499 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss:...