6 matches found
CVE-2023-29539
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox 112, Focus f...
Debian DSA-5392-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5392 advisory. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can...
CentOS 7 : firefox (RHSA-2023:1791)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affec...
Reflected File Download
firefox is vulnerable to Reflected File Download. The vulnerability exists when handling the filename directive in the Content-Disposition header, and the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks, potentially...
RHEL 7 : thunderbird (RHSA-2023:1806)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1806 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.10.0. Security Fixes:...
Oracle Linux 9 : firefox (ELSA-2023-1786)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1786 advisory. 102.10.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.10.0-1 - Update to 102.10.0 build1 102.9.0-4 - Update to 102.9.0 build2 Tenable ha...