Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190715)

This update upgrades Thunderbird to version 60.8.0. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11709 - Mozilla: Sandbox escape via installation of malicious language pack CVE-2019-9811 - Mozilla: Script injection within domain through inner...

RHEL 7 : thunderbird (RHSA-2019:1775)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1775 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Security Fixes: Mozilla:...

RHEL 6 : thunderbird (RHSA-2019:1777)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1777 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Security Fixes: Mozilla:...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190715)

This update upgrades Thunderbird to version 60.8.0. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11709 - Mozilla: Sandbox escape via installation of malicious language pack CVE-2019-9811 - Mozilla: Script injection within domain through inner...

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-4054-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4054-1 advisory. A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this...

Oracle Linux 6 : firefox (ELSA-2019-1765)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-1765 advisory. 60.8.0-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one Tenable has extracted the preceding...

RHEL 6 : firefox (RHSA-2019:1765)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1765 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20190711)

This update upgrades Firefox to version 60.8.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 CVE-2019-11709 - Mozilla: Sandbox escape via installation of malicious language pack CVE-2019-9811 - Mozilla: Script injection within domain through inner...

CentOS Update for firefox CESA-2019:1763 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

17 years not to fix Firefox local file stealing vulnerability analysis-vulnerability warning-the black bar safety net

Recently, security researchers Barak Tawily of the homologous policy the Same Origin Policy attack carried out research and found that the Firefox browser due to file scheme URI to the same origin policy of improperly implemented, will lead to Firefox browser by the local file theft attack. Attac...

USN-4054-1: Firefox vulnerabilities

A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. CVE-2019-9811 Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted...

USN-4054-1 firefox vulnerabilities

A sandbox escape was discovered in Firefox. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. CVE-2019-9811 Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted...

firefox security update

CentOS Errata and Security Advisory CESA-2019:1765 An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

Critical: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

curl: Insecure Frame (External)

Summary: Insecure Frame External Steps To Reproduce: Vulnerability Details identified an external insecure or misconfigured iframe. Remedy Apply sandboxing in inline frame For untrusted content, avoid the usage of seamless attribute and allow-top-navigation, allow-popups and allow-scripts in...