RHEL 8 : thunderbird (RHSA-2025:8391)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:8391 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: JavaScript Execution via Spoofed PDF Attachment...

CVE-2008-7299

IBM Tivoli Federated Identity Manager TFIM 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field...

[SECURITY] [DSA 5921-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5921-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 16, 2025 https://www.debian.org/security/faq -...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:0405-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0405-1 advisory. Update to Mozilla Thunderbird 128.7 MFSA 2025-10, bsc1236539. Security fixes: - CVE-2025-1009:...

RHEL 9 : thunderbird (RHSA-2025:1318)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:1318 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox 135...

[SECURITY] [DSA 5820-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5820-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 27, 2024 https://www.debian.org/security/faq -...

OPENSUSE-SU-2023:0101-1 Security update for pdns-recursor

This update for pdns-recursor fixes the following issues: pdns-recursor was updated to 4.6.6: fixes deterred spoofing attempts can lead to authoritative servers being marked unavailable boo1209897, CVE-2023-26437 Fixes in 4.6.5: When an expired NSEC3 entry is seen, move it to the front of the...

OPENSUSE-SU-2019:2155-1 Security update for chromium

This update for chromium fixes the following issues: Security issues fixed: - CVE-2019-5870: Fixed a use-after-free in media. boo1150425 - CVE-2019-5871: Fixed a heap overflow in Skia. boo1150425 - CVE-2019-5872: Fixed a use-after-free in Mojo boo1150425 - CVE-2019-5874: Fixed a behavior that mad...

OPENSUSE-SU-2019:2152-1 Security update for chromium

This update for chromium to 77.0.3865.75 fixes the following issues: Security issues fixed: - CVE-2019-5870: Fixed a use-after-free in media. boo1150425 - CVE-2019-5871: Fixed a heap overflow in Skia. boo1150425 - CVE-2019-5872: Fixed a use-after-free in Mojo boo1150425 - CVE-2019-5874: Fixed a...

SUSE-SU-2018:3351-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2012-74 Miscellaneous memory safety hazards rv:16.0/ rv:10.0.8 MFSA 2012-75 select element persistance allows for attacks MFSA 2012-76 Continued access to initial origin after setting document.domain MFSA 2012-77 Some DOMWindowUtils methods bypass security checks...

Mozilla Suite: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape...

eudora603.pl

Eudora 6.0.3 for Windows was released recently. Though known for years, the spoofing of attachments is still not fixed; the problem with LaunchProtect is not fixed either. Spoofing demo essentially identical to 6.0.1 version below. Cheers, Paul Szabo - [email protected]...