Download
| Alert*
|
oval:org.secpod.oval:def:69906
Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message. oval:org.secpod.oval:def:503341 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Security Fix: * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, a ... oval:org.secpod.oval:def:503344 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Security Fix: * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, a ... oval:org.secpod.oval:def:1502607 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502608 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502610 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705162 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1502661 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502668 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:58381 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-26. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58382 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-27. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58380 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-25. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58389 Mozilla Firefox 69, Mozilla Firefox ESR 68.1 : A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <code><canvas></code> element due to an error in how same-origin policy is applied to cached image content. The resulting same-ori ... oval:org.secpod.oval:def:1502672 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89043667 This update for MozillaFirefox, firefox-glib2, firefox-gtk3 fixes the following issues: Mozilla Firefox was updated to the 60.9.0esr release: Security Advisory MFSA 2019-27: * Use-after-free while manipulating video CVE-2019-11746 * XSS by breaking out of title and textarea elements using innerHTML ... oval:org.secpod.oval:def:1700219 Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird lt; 68.1 and Thunderbird lt; 60.9. A same-origin policy violation occurs allowing the theft of cross-origin images through a combinatio ... oval:org.secpod.oval:def:2105161 Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability ... oval:org.secpod.oval:def:2105173 Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 68.1 and Thunderbird < 60.9. oval:org.secpod.oval:def:58847 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message. oval:org.secpod.oval:def:69752 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. oval:org.secpod.oval:def:58870 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:89003333 This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ... oval:org.secpod.oval:def:1801620 empty oval:org.secpod.oval:def:205366 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix: * Mozilla: Sandbox escape through Firefox Sync * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and F ... oval:org.secpod.oval:def:205368 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Security Fix: * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, a ... oval:org.secpod.oval:def:205356 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix: * Mozilla: Sandbox escape through Firefox Sync * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and F ... oval:org.secpod.oval:def:89003294 This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1 . In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ... oval:org.secpod.oval:def:89043994 This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap ... oval:org.secpod.oval:def:70144 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:68071 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:604529 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, information disclosure and a covert content attack on S/MIME encryption using a crafted multipart/alternative message. oval:org.secpod.oval:def:604520 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service. oval:org.secpod.oval:def:58315 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-25. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58325 Mozilla Firefox 69, Mozilla Firefox ESR 68.1 and Mozilla Thunderbird 68.1 : A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <code><canvas></code> element due to an error in how same-origin policy is applied to cached image co ... oval:org.secpod.oval:def:58316 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-26. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58317 The host is missing a critical severity security update according to Mozilla advisory, MFSA2019-27. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:58731 The host is missing a high severity security update according to Mozilla advisory, MFSA2019-29. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:58732 The host is missing a high severity security update according to Mozilla advisory, MFSA2019-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:58728 The host is missing a high severity security update according to Mozilla advisory, MFSA2019-29. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:58729 The host is missing a high severity security update according to Mozilla advisory, MFSA2019-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:503328 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Security Fix: * Mozilla: Sandbox escape through Firefox Sync * Mozilla: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 * ... oval:org.secpod.oval:def:503332 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix: * Mozilla: Sandbox escape through Firefox Sync * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and F ... oval:org.secpod.oval:def:503335 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix: * Mozilla: Sandbox escape through Firefox Sync * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and F ... oval:org.secpod.oval:def:503339 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Security Fix: * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, a ... oval:org.secpod.oval:def:89050854 This update for MozillaFirefox to 68.1 fixes the following issues: Security issues fixed: - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. - CVE-2019-11710: Fixed several memory safety bugs. - CVE-20 ... |
