EUVD-2022-37427

Malicious code in bioql PyPI...

Important: firefox

Issue Overview: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough...

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

Design/Logic Flaw

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

CVE-2022-34472

CVE-2022-34472 : If a PAC URL is configured and the PAC host is unreachable, OCSP requests are blocked, leading to incorrect error pages being shown. Affected: Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, Thunderbird

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

ASB-A-219498290

In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:2279-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2279-1 advisory. - If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2022:2289-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2289-1 advisory. - If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object...

Oracle Linux 9 : thunderbird (ELSA-2022-5482)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5482 advisory. 91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires...

CVE-2022-34472

If there was a PAC URL set and the server that hosts the PAC was not reachable, OCSP requests would have been blocked, resulting in incorrect error pages being shown. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

Oracle Linux 7 : thunderbird (ELSA-2022-5480)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5480 advisory. 91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.11.0-2 - Update to...

Oracle Linux 8 : firefox (ELSA-2022-5469)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5469 advisory. 91.11.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.11.0-2 - Update to 91.11...

Mozilla Thunderbird < 91.11

The version of Thunderbird installed on the remote Windows host is prior to 91.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-26 advisory. - The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showe...

Oracle Linux 8 : thunderbird (ELSA-2022-5470)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5470 advisory. 91.11.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.11.0-2 - Update to 91.11.0 build2 91.11.0-1 -...

Denial Of Service (DoS)

firefox and thunderbird are vulnerable to denial of service. The vulnerability exists when a PAC URL is set and the server that hosts the PAC is not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

Mozilla Firefox ESR < 91.11

The version of Firefox ESR installed on the remote Windows host is prior to 91.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-25 advisory. - The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of...