Download
| Alert*
oval:org.secpod.oval:def:61972
The host is missing a high severity security update according to Mozilla advisory, MFSA2020-09. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the browser. oval:org.secpod.oval:def:62104 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:62000 The host is missing a high security update according to Mozilla advisory, MFSA2020-10. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:503551 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:503552 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:503550 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:66533 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:67349 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:505540 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 80.0.3987.149. Security Fix: * chromium-browser: Use after free in WebGL * chromium-browser: Use after free in media * chromium-browser: Insufficient policy enforcement in extensions * chromium-br ... oval:org.secpod.oval:def:503567 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:503568 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:503569 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:62247 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:62245 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:62139 The host is installed with Google Chrome before 80.0.3987.149 and is prone to an out of bounds read vulnerability in usersctplib. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:62138 The host is installed with Google Chrome before 80.0.3987.149 and is prone to an out of bounds read vulnerability in usersctplib. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:62137 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:62136 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:66530 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:89050453 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 68.6.0 ESR - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during st ... oval:org.secpod.oval:def:1801766 chromium: Multiple vulnerabilities oval:org.secpod.oval:def:1802029 CVE-2020-6796: Missing bounds check on shared memory read in the parent process CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection CVE-2020-6800: Memory safety bugs oval:org.secpod.oval:def:62113 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:604792 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. CVE-2020-6424 Sergei Glazunov dis ... oval:org.secpod.oval:def:69812 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-20503 Natalie Silvanovich discovered an out-of-bounds read issue in the usrsctp library. CVE-2020-6422 David Manouchehri discovered a use-after-free issue in the WebGL implementation. CVE-2020-6424 Sergei Glazunov dis ... oval:org.secpod.oval:def:63488 The host is installed with Safari before 13.1.1 on Apple Mac OS X 10.13.6, 10.14.6 or 10.15.x before 10.15.5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an access issue. Successful exploitation allow an attacker to cause ... oval:org.secpod.oval:def:63478 The host is missing a security update according to Apple advisory, APPLE-SA-2020-05-26-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious web content. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:61954 Safari before 13.1.1 on Apple Mac OS X 10.13.6, 10.14.6 or 10.15.x before 10.15.5, Mozilla Firefox 74, Mozilla Firefox ESR 68.6, Mozilla Thunderbird 68.6, Google Chrome 80.0.3987.149 and Microsoft Edge (Chromium based) 80.0.361.69: The inputs to sctp_load_addresses_from_init are verified by sctp_are ... oval:org.secpod.oval:def:61952 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-08. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the browser. oval:org.secpod.oval:def:61953 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-09. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the browser. oval:org.secpod.oval:def:61999 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-10. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:89000197 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 68.6.0 ESR - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during st ... oval:org.secpod.oval:def:1504125 [68.6.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.6.0-1] - Update to 68.6.0 build2 oval:org.secpod.oval:def:205464 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:205466 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:1503996 [68.6.0-1.0.1.el8_1] - Rebuild to pickup Oracle default bookmarks [Orabug: 30069264] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references [Orabug: 30530527] [68.6.0-1.0.1] - Update to 68.6.0 build1 [68.5.0-3] - Added fix for rhbz#1805667 - Enab ... oval:org.secpod.oval:def:705402 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:604786 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:1700320 The Mozilla Foundation Security Advisory describes this flaw as: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. The Mozilla Foundation Security Advisory describes this flaw as: The inp ... oval:org.secpod.oval:def:1502837 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502846 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69810 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:1502849 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000522 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 68.6.0 ESR - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during st ... oval:org.secpod.oval:def:205472 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.6.0 ESR. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protecti ... oval:org.secpod.oval:def:205470 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.6.0. Security Fix: * Mozilla: Use-after-free when removing data about origins * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion * Mozilla: Use-after ... oval:org.secpod.oval:def:69961 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. oval:org.secpod.oval:def:1504119 [68.6.0-1.0.1.el6_10] - fix LD_LIBRARY_PATH - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [68.6.0-1] - Update to 68.6.0 build1 [68.5.0-3] - Added fix for rhbz#1805667 - Enabled mzbz@1170092 - Firefox prefs at ... oval:org.secpod.oval:def:705434 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:62963 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:2105821 Oracle Solaris 11 - ( CVE-2020-6814 ) oval:org.secpod.oval:def:61973 Mozilla Firefox 74, Mozilla Firefox ESR 68.6, Mozilla Thunderbird 68.6, Google Chrome 80.0.3987.149 and Microsoft Edge 80.0.3987.149: The inputs to sctp_load_addresses_from_init are verified by sctp_arethere_unrecognized_parameters however, the two functions handled parameter bounds differently, res ... oval:org.secpod.oval:def:61971 The host is missing a high severity security update according to Mozilla advisory, MFSA2020-08. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the browser. oval:org.secpod.oval:def:705443 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:70197 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. |