252 matches found
Mozilla Thunderbird < 78.15
The version of Thunderbird installed on the remote Windows host is prior to 78.15. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-46 advisory. - Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present ...
SUSE SLES11: MozillaFirefox / MozillaFirefox-translations-common / etc (SUSE-SU-2021:14821-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14821-1 advisory. This update contains the Firefox Extended Support Release 91.1.0 ESR. Fixed: Various stability, functionality, and security fixes MFSA 2021-40...
SUSE SLED12: MozillaFirefox / MozillaFirefox-branding-SLE / MozillaFirefox-devel / etc (SUSE-SU-2021:3191-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3191-1 advisory. This update contains the Firefox Extended Support Release 91.1.0 ESR. Fixed: Various stability, functionality, and securit...
Debian DLA-2745-1 : thunderbird - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2745 advisory. Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For Debian 9 stretch, these problems have been fixe...
openSUSE 15 Security Update : MozillaThunderbird (openSUSE-SU-2021:2874-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2874-1 advisory. - Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable...
Memory corruption
Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
CVE-2021-29980
Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Oracle Linux 7 : thunderbird (ELSA-2021-3160)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-3160 advisory. 78.13.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.13.0-1 - Update to 78.13.0 build1 78.12.0-3 -...
Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fix security vulnerabilities: Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash CVE-2021-29980. Instruction reordering during JIT optimization resulted in a sequence of...
Debian DSA-4959-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4959 advisory. Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution bullseye, these proble...
Updated firefox packages fix security vulnerabilities
Updated firefox packages fix security vulnerabilities: Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash CVE-2021-29980. Instruction reordering during JIT optimization resulted in a sequence of instructions...
SUSE SLES11: MozillaFirefox / MozillaFirefox-translations-common / etc (SUSE-SU-2021:14782-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14782-1 advisory. Firefox Extended Support Release 78.13.0 ESR MFSA 2021-34, bsc1188891: - CVE-2021-29986: Race condition when resolving DNS names could have le...
Debian DLA-2740-1 : firefox-esr - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2740 advisory. - Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presum...
Denial Of Service(DoS)
firefox-esr:edge is vulnerable to denial of service. A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash...
CVE-2021-29980
Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and Firefox 91...
Security Vulnerabilities fixed in Thunderbird 78.13 — Mozilla
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. Thunderbird incorrectly treated an inline list-item element as a block element, resulti...
Mozilla Firefox ESR < 78.13
The version of Firefox ESR installed on the remote Windows host is prior to 78.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-34 advisory. - Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety...
Mozilla Firefox < 91.0
The version of Firefox installed on the remote Windows host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reported memory...
Mozilla Firefox ESR < 78.13
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-34 advisory. - Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memor...
Memory corruption
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered when accessibility was enabled.. This vulnerability affects Thunderbird 78.12, Firefox ESR 78.12, and Firefox 90...