Astra Linux - уязвимость в firefox, thunderbird

Additional techniques that built upon the slipstream research, combined with a malicious web page, could have exposed both hosts within an internal network as well as services running on the user’s local machine. This vulnerability affects Firefox versions earlier than 85...

SUSE CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2022-0029)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as...

Mozilla: More internal network hosts could have been probed by a malicious webpage

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

Security Vulnerabilities fixed in Thunderbird 78.10 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

Security Vulnerabilities fixed in Firefox ESR 78.10 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

CVE-2021-23982

CVE-2021-23982 is a concrete WebRTC-based information-disclosure vulnerability affecting Mozilla products. The connected documents confirm that a malicious webpage could probe an internal network’s hosts and services running on the user’s machine via WebRTC. Affected products/versions: Firefox ES...

Mozilla: Internal network hosts could have been probed by a malicious webpage

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

Mozilla Thunderbird < 78.9

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-12 advisory. - Mozilla developers and community members Alexis Beingessner, Tyson Smith, Julien Wajsberg, and Matthew...

CVE-2021-23982

Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR 78.9, Firefox 87, and Thunderbird 78.9...

Security Vulnerabilities fixed in Firefox ESR 78.9 — Mozilla

A transient execution vulnerability, named Floating Point Value Injection FPVI allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. A related vulnerability, Speculative Code Store Bypass SCSB, did not affect Firefox. A texture upload of a...

Design/Logic Flaw

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...

Information Disclosure

firefox is vulnerable to information disclosure. The vulnerability exists by combining the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine...

Mozilla Firefox < 85.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in...

CVE-2021-23961

Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox 85...