Download
| Alert*
oval:org.secpod.oval:def:34237
The host is installed with Mozilla Firefox before 46.0 and is prone to an universal cross-site scripting (XSS) vulnerability. A flaw is present in the WebExtension sandbox feature, which does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs.update API calls. Succ ... oval:org.secpod.oval:def:34238 The host is missing an important security update according to Mozilla advisory, MFSA2016-46. The update is required to fix an universal cross-site scripting (XSS) vulnerability. A flaw is present in the WebExtension sandbox feature, which does not properly restrict principal inheritance during chrom ... oval:org.secpod.oval:def:703064 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703068 oxygen-gtk3: Oxygen widget theme for GTK3-based applications Details: USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. We apologize for the in ... oval:org.secpod.oval:def:51548 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:34202 The host is missing an important security update according to Mozilla advisory, MFSA2016-46. The update is required to fix a cross-site scripting (XSS) vulnerability. A flaw is present in the chrome.tabs.update API for web extensions, which allows for navigation to javascript: URLs without additiona ... oval:org.secpod.oval:def:34201 The host is installed with Mozilla Firefox before 46.0 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the chrome.tabs.update API for web extensions, which allows for navigation to javascript: URLs without additional permissions. Successful exploitation allows remote ... |