Download
| Alert*
oval:org.secpod.oval:def:2101156
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird ... oval:org.secpod.oval:def:1800886 CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements CVE-2017-7779: Memory safety bugs CVE-2017-7784: Use-after-free with image observers CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM CVE-2017-7786: Buffer overflow while painting non-displayable SVG CVE-2 ... oval:org.secpod.oval:def:89044513 Mozilla Firefox was updated to the ESR 52.3 release Following security issues were fixed: * MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback * MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts * MFSA 2017-19/CVE-2017-7792: Buff ... oval:org.secpod.oval:def:41727 The host is missing a critical security update according to Mozilla advisory, MFSA2017-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:41827 The host is missing a critical security update according to Mozilla advisory, MFSA2017-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:204641 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.3.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:204625 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.3.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:89044613 This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ... oval:org.secpod.oval:def:204552 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.3.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:204551 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.3.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:41737 Mozilla Firefox before 55.0Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. oval:org.secpod.oval:def:41752 The host is missing a critical security update according to Mozilla advisory, MFSA2017-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:41753 The host is missing a critical security update according to Mozilla advisory, MFSA2017-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:41828 The host is missing a critical security update according to Mozilla advisory, MFSA2017-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:53110 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of CS ... oval:org.secpod.oval:def:1501968 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501973 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501970 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703794 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703762 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-3391-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory This update provides compatible packages for Firefox 55. oval:org.secpod.oval:def:703765 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:1800541 CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements CVE-2017-7779: Memory safety bugs CVE-2017-7784: Use-after-free with image observers CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM CVE-2017-7786: Buffer overflow while painting non-displayable SVG CVE-2 ... oval:org.secpod.oval:def:53131 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:502175 Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.3.0 ESR. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with t ... oval:org.secpod.oval:def:502181 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.3.0. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute a ... oval:org.secpod.oval:def:603094 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:51872 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-3391-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory This update provides compatible packages for Firefox 55. oval:org.secpod.oval:def:51875 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51890 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1501949 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603043 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of CS ... oval:org.secpod.oval:def:41708 Mozilla Firefox before 55.0 , Firefox ESR before 52.3 or Thunderbird 52.3 :- A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. oval:org.secpod.oval:def:41726 The host is missing a critical security update according to Mozilla advisory, MFSA2017-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... |