Download
| Alert*
oval:org.secpod.oval:def:63497
firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:63517 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:503740 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:503741 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:503737 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:63000 The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:64139 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:64118 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:503742 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503743 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503744 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:66549 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:62999 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-17. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:89050384 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:62970 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:62971 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-17. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:62972 The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:62973 Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 : A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. oval:org.secpod.oval:def:604834 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:89000158 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.8.0 ESR MFSA 2020-17 * CVE-2020-12387 Use-after-free during worker shutdown * CVE-2020-12388 Sandbox escape with improperly guarded Access Tokens * CVE-2020-12389 Sandbox escape with improperly separ ... oval:org.secpod.oval:def:1504182 [68.8.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.8.0-1] - Update to 68.8.0 build2 oval:org.secpod.oval:def:205569 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:205564 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:205565 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:1504188 [68.8.0-1.0.1] - fix LD_LIBRARY_PATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one * Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 [68.7.0-3] - Added fix for rhbz#1821418 [68.7.0-2] - Update to 68.7.0 build3 [68.6.1-1] - Update to 68.6.1 ESR * Wed Mar 04 2020 J ... oval:org.secpod.oval:def:205566 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:705466 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1502902 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705489 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1502908 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:604843 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:89000069 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:1504254 [68.8.0-1.0.1.el8_2] - Rebuild to pickup Oracle default bookmarks [Orabug: 30069264] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references [Orabug: 30530527] * Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 [68.7.0-3] - Added fix for rhbz#1 ... oval:org.secpod.oval:def:1502910 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700336 The Mozilla Foundation Security Advisory describes this flaw as:On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability aff ... oval:org.secpod.oval:def:2105821 Oracle Solaris 11 - ( CVE-2020-6814 ) oval:org.secpod.oval:def:63001 Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 : A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. oval:org.secpod.oval:def:62998 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. |