Download
| Alert*
oval:org.secpod.oval:def:2103524
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. oval:org.secpod.oval:def:2103526 Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. oval:org.secpod.oval:def:49784 The host is missing a critical security update according to Mozilla advisory, MFSA2018-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:89002575 This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ... oval:org.secpod.oval:def:49888 The host is missing a critical security update according to Mozilla advisory, MFSA2018-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:49892 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. oval:org.secpod.oval:def:704425 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51184 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:89049682 This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ... oval:org.secpod.oval:def:1502408 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502410 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603600 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:1502423 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502424 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704452 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:603588 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. oval:org.secpod.oval:def:502585 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * Mozilla: Memory corruption in Angle * Mozilla: ... oval:org.secpod.oval:def:502587 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * Mozilla: Memory corruption in Angle * Mozilla: ... oval:org.secpod.oval:def:502595 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * chromium-browser, firefox: Memory corruption in Angle * Mozilla: Use-after-free with select elem ... oval:org.secpod.oval:def:502594 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * chromium-browser, firefox: Memory corruption in Angle * Mozilla: Use-after-free with select elem ... oval:org.secpod.oval:def:205148 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * chromium-browser, firefox: Memory corruption in Angle * Mozilla: Use-after-free with select elem ... oval:org.secpod.oval:def:205136 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * Mozilla: Memory corruption in Angle * Mozilla: ... oval:org.secpod.oval:def:205137 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.4.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * Mozilla: Memory corruption in Angle * Mozilla: ... oval:org.secpod.oval:def:205152 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.4.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 * chromium-browser, firefox: Memory corruption in Angle * Mozilla: Use-after-free with select elem ... oval:org.secpod.oval:def:50328 The host is missing a critical security update according to Mozilla advisory, MFSA2018-31. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:50329 The host is missing a critical security update according to Mozilla advisory, MFSA2018-31. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:51201 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1700133 A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird lt; 60.4, Firefox ESR lt; 60. ... oval:org.secpod.oval:def:53477 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. oval:org.secpod.oval:def:49788 Mozilla Firefox 64, Mozilla Firefox ESR 60.4, Mozilla Thunderbird 60.4 : A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. oval:org.secpod.oval:def:49783 The host is missing a critical security update according to Mozilla advisory, MFSA2018-29. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:49887 The host is missing a critical security update according to Mozilla advisory, MFSA2018-29. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code. |