Download
| Alert*
oval:org.secpod.oval:def:2101156
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird ... oval:org.secpod.oval:def:89044513 Mozilla Firefox was updated to the ESR 52.3 release Following security issues were fixed: * MFSA 2017-19/CVE-2017-7807: Domain hijacking through AppCache fallback * MFSA 2017-19/CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts * MFSA 2017-19/CVE-2017-7792: Buff ... oval:org.secpod.oval:def:41727 The host is missing a critical security update according to Mozilla advisory, MFSA2017-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:41827 The host is missing a critical security update according to Mozilla advisory, MFSA2017-20. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... oval:org.secpod.oval:def:89044613 This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ... oval:org.secpod.oval:def:41712 Mozilla Firefox before 55.0 , Firefox ESR before 52.3 or Thunderbird 52.3 :- The destructor function for the WindowsDllDetourPatcher class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used ... oval:org.secpod.oval:def:41726 The host is missing a critical security update according to Mozilla advisory, MFSA2017-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code o ... |