28 matches found
Astra Linux - уязвимость в thunderbird, firefox
A background script that invokes requestFullscreen and then blocks the main thread could cause the browser to enter fullscreen mode indefinitely, potentially causing confusion for users or leading to spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102....
CVE-2023-25730
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25730
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25730
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
GLSA-202305-35 : Mozilla Firefox: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202305-35 Mozilla Firefox: Multiple Vulnerabilities - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. CVE-2023-0767 -...
Amazon Linux 2 : thunderbird (ALAS-2023-1983)
The version of thunderbird installed on the remote host is prior to 102.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1983 advisory. 2024-02-15: CVE-2023-0616 was added to this advisory. If a MIME email combines OpenPGP and OpenPGP MIME data in a...
Important: thunderbird
Issue Overview: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted messa...
AlmaLinux 9 : firefox (ALSA-2023:0810)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0810 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being...
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:0469-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0469-1 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag...
Rocky Linux 9 : firefox (RLSA-2023:0810)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0810 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory...
Rocky Linux 8 : firefox (RLSA-2023:0808)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0808 advisory. - Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:0461-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0461-1 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary...
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Mozilla: Screen hijack via browser fullscreen mode
The Mozilla Foundation Security Advisory describes this flaw as: A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks...
Oracle Linux 8 : thunderbird (ELSA-2023-0821)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0821 advisory. 102.8.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.8.0-2 - Update to 102.8.0 build2 102.8.0-1 -...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5880-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5880-1 advisory. Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a...
Debian DSA-5355-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5355 advisory. Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution...