Download
| Alert*
oval:org.secpod.oval:def:1505979
[91.13.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:1505974 [91.13.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:83363 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-35 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ... oval:org.secpod.oval:def:83364 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-34 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows attackers to cause multiple impacts ... oval:org.secpod.oval:def:1505977 [91.13.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:83361 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-37 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:1505982 [91.13.0-1.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Enabled aarch64 build [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:507127 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the parent"s permissions * Mozilla: Memory safety bu ... oval:org.secpod.oval:def:507124 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the parent"s permissions * Mozilla: Memory safety bu ... oval:org.secpod.oval:def:609347 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:610109 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:507131 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.13.0 ESR. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the ... oval:org.secpod.oval:def:507136 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.13.0 ESR. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the ... oval:org.secpod.oval:def:86407 Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:507125 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the parent"s permissions * Mozilla: Memory safety bu ... oval:org.secpod.oval:def:507132 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.13.0 ESR. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the ... oval:org.secpod.oval:def:1505973 [91.13.0-1.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:1505983 [91.13.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires [Orabug: 33802044] [91.13.0-1] - Update to 91.13.0 build1 oval:org.secpod.oval:def:83360 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-36 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:3301170 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:3301249 SUSE Security Update: Security update for MozillaFirefox oval:org.secpod.oval:def:86508 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89047024 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ... oval:org.secpod.oval:def:89047021 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:3300595 SUSE Security Update: Security update for MozillaThunderbird oval:org.secpod.oval:def:83376 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-37 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:83377 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-36 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:83378 The host is missing a high severity security update according to Mozilla advisory, MFSA2022-35. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:83379 The host is missing a high severity security update according to Mozilla advisory, MFSA2022-34. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:83380 The host is missing a high severity security update according to Mozilla advisory, MFSA2022-33. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:83381 Mozilla Firefox 104.0, Mozilla Firefox ESR 91.13 or 102.2 and Mozilla Thunderbird 91.13 or 102.2: An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into sub ... oval:org.secpod.oval:def:88582 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:707685 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:707754 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:205980 Security Fix: Mozilla: Address bar spoofing via XSLT error handling Mozilla: Cross-origin XSLT Documents would have inherited the parents permissions Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Fir ... oval:org.secpod.oval:def:4501119 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.13.0. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the parent"s permissions * Mozilla: Memory safety bu ... oval:org.secpod.oval:def:2500758 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:2600022 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:1701013 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developers and the Mozilla Fuzzing Team reporting memory safety bugs in Firefox 102. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these cou ... oval:org.secpod.oval:def:205979 Security Fix: Mozilla: Address bar spoofing via XSLT error handling Mozilla: Cross-origin XSLT Documents would have inherited the parents permissions Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Fir ... oval:org.secpod.oval:def:1701770 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developers and the Mozilla Fuzzing Team reporting memory safety bugs in Firefox 102. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these cou ... oval:org.secpod.oval:def:2500779 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:2600004 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:4501012 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.13.0 ESR. Security Fix: * Mozilla: Address bar spoofing via XSLT error handling * Mozilla: Cross-origin XSLT Documents would have inherited the ... oval:org.secpod.oval:def:89046949 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent"s permissions. - CVE ... oval:org.secpod.oval:def:89046947 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent"s permissions. - CVE ... oval:org.secpod.oval:def:89047518 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent"s permissions. - CVE ... oval:org.secpod.oval:def:2107909 Oracle Solaris 11 - ( CVE-2022-38472 ) oval:org.secpod.oval:def:89046933 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent"s permissions. - CVE ... oval:org.secpod.oval:def:88395 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:83365 Mozilla Firefox 104, Mozilla Firefox ESR 91.13 or 102.2, Mozilla Thunderbird 91.13 or 102.2 : An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitt ... oval:org.secpod.oval:def:83362 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-33 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... |