FreeBSD : mozilla -- multiple vulnerabilities (d10b49b2-8d02-49e8-afde-0844626317af)

Mozilla Foundation reports : CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 CVE-2018-18492: Use-after-free with select element CVE-2018-18493: Buffer overflow in...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3844-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3844-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacke...

Debian DSA-4354-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

Mozilla Firefox ESR Security Advisories (MFSA2018-29, MFSA2018-30) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox ESR Security Advisories (MFSA2018-29, MFSA2018-30) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox Security Advisories (MFSA2018-28, MFSA2018-30) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

[SECURITY] [DSA 4354-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4354-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2018 https://www.debian.org/security/faq -...

Mozilla Firefox < 64.0

The version of Firefox installed on the remote Windows host is prior to 64.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-29 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a ra...

Mozilla Firefox ESR < 60.4

The version of Firefox ESR installed on the remote Windows host is prior to 60.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-30 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when ...

[ASA-201812-9] firefox: multiple issues

Arch Linux Security Advisory ASA-201812-9 ========================================= Severity: Critical Date : 2018-12-12 CVE-ID : CVE-2018-12405 CVE-2018-12406 CVE-2018-12407 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18495 CVE-2018-18497 Package : firefox Type : multipl...

Debian: Security Advisory (DLA-1605-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3844-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restritions, or execute arbitrary code. CVE-2018-12405, CVE-2018-12406, CVE-2018-1240...

USN-3844-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restritions, or execute arbitrary code. CVE-2018-12405, CVE-2018-12406, CVE-2018-1240...

CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

DEBIAN-CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

UBUNTU-CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...

CVE-2018-18352

CVE-2018-18352 affects Chromium/Google Chrome Media handling, where cross-origin audio could be accessed due to an inappropriate implementation that bypassed the same-origin policy for audio content via crafted HTML. The issue is fixed in Chromium up to version 71.0.3578.80; upstream patches exis...

CVE-2018-18352

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page...