Download
| Alert*
oval:org.secpod.oval:def:89043862
This update for libevent fixes the following security issues: - CVE-2016-10195: DNS remote stack overread vulnerability - CVE-2016-10196: stack/buffer overflow in evutil_parse_sockaddr_port - CVE-2016-10197: out-of-bounds read in search_make_new oval:org.secpod.oval:def:1800913 CVE-2016-10195: dns remote stack over read vulnerability; Fixed in libevent 2.1.6 oval:org.secpod.oval:def:204492 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.1.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:89002526 This update for libevent fixes the following issues: - CVE-2016-10195: DNS remote stack overread vulnerability - CVE-2016-10196: stack/buffer overflow in evutil_parse_sockaddr_port - CVE-2016-10197: out-of-bounds read in search_make_new oval:org.secpod.oval:def:204484 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:204495 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.1.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:204483 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:2100396 Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. oval:org.secpod.oval:def:1800751 CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP CVE-2017-5401: Memory Corruption when handling ErrorResult CVE-2017-5402: Use-after-free working with events in FontFace objects CVE-2017-5404: Use-after-free working with ranges in selections CVE-2017-5407: Pixel and history stealing via floati ... oval:org.secpod.oval:def:2100906 A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerabilit ... oval:org.secpod.oval:def:703516 libevent: Asynchronous event notification library Several security issues were fixed in libevent. oval:org.secpod.oval:def:703569 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:602775 Several vulnerabilities were discovered in libevent, an asynchronous event notification library. They would lead to Denial Of Service via application crash, or remote code execution. oval:org.secpod.oval:def:51794 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51774 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1800361 CVE-2016-10195: dns remote stack overread vulnerability. Fixed in libevent 2.1.6 oval:org.secpod.oval:def:1501852 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501850 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:502023 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:502022 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:703609 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:502028 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.1.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:51744 libevent: Asynchronous event notification library Several security issues were fixed in libevent. oval:org.secpod.oval:def:1800499 CVE-2016-10195: dns remote stack overread vulnerability Fixed in libevent 2.1.6 oval:org.secpod.oval:def:1501845 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501843 The advisory is missing the security advisory description. For more information please visit the reference link |