MiracleLinux 4 : thunderbird-68.7.0-1.AXS4 (AXSA:2020-4709:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4709:03 advisory. Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6819 Mozilla: Use-after-free when handling a ReadableStream CVE-2020-6820...

MiracleLinux 4 : thunderbird-60.3.0-1.AXS4 (AXSA:2018-3431:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3431:07 advisory. Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390 Mozilla: Crash with nested event loops CVE-2018-12392 Mozilla:...

Linux Distros Unpatched Vulnerability : CVE-2019-9820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This...

SUSE CVE-2018-12361

An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1...

SUSE CVE-2018-12362

An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 SSSE3 scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60, Thunderbird 52.9, Firefox ESR 60.1, Firefox ESR 52.9, and Firefox 61...

SUSE CVE-2018-18492

A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, and Firefox 64...

SUSE CVE-2019-9788

Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

SUSE CVE-2019-9800

Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

SUSE CVE-2019-17011

Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, and Firefox 71...

SUSE CVE-2019-17012

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...

SUSE CVE-2020-6825

Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary...

SUSE CVE-2020-12405

When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird 68.9.0, Firefox 77, and Firefox ESR 68.9...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws...

Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws...

DEBIAN-CVE-2019-11761

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox 70,...

Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...