478 matches found
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2024:0971-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0971-1 advisory. Firefox Extended Support Release 115.9.0 ESR bsc1221327: - CVE-2024-0743: Crash in NSS TLS method bmo1867408. - CVE-2024-2605:...
The vulnerability of the Windows Error Reporting service in Windows operating systems, which allows for increased privileges
The vulnerability of the Windows Error Reporting service in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2024-2605
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected...
SUSE CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14974)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...
Fedora 39 : firefox (2024-113454b56b)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-113454b56b advisory. - Updated to 124.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Fedora 38 : firefox (2024-7e71e9eaba)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7e71e9eaba advisory. - Updated to 124.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
CVE-2024-2605
CVE-2024-2605 affects Firefox and related Mozilla products on Windows, where the Windows Error Reporter can be abused as a sandbox escape to run arbitrary code. The description states affected versions: Firefox < 124, Firefox ESR < 115.9, and Thunderbird
CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products that...
Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating system...
Mozilla Firefox < 124.0
The version of Firefox installed on the remote Windows host is prior to 124.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-12 advisory. - Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that...
Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2024-079-03)
The version of mozilla-thunderbird installed on the remote host is prior to 115.9.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-079-03 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could...
Mozilla Firefox ESR < 115.9
The version of Firefox ESR installed on the remote Windows host is prior to 115.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-13 advisory. - Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed...
CVE-2024-2605
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
CVE-2024-26169
Windows Error Reporting Service Elevation of Privilege Vulnerability...
Privilege escalation
Windows Error Reporting Service Elevation of Privilege Vulnerability...
CVE-2024-26169 Windows Error Reporting Service Elevation of Privilege Vulnerability
...