Download
| Alert*
oval:org.secpod.oval:def:43350
The host is installed with Mozilla Thunderbird before 52.5.2 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle an incorrect value being passed within the library. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:2101650 It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website, e.g. via "View -> Feed article -> Website" or in the standard format of "View -> Feed article -> default format". This vulnerability affects Thunderbird < 52.5.2. oval:org.secpod.oval:def:1800363 CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 CVE-2017-7843: Web worker in Private Browsing mode can write IndexedDB data Fixed In Version:¶ Firefox ESR 52.5.2 oval:org.secpod.oval:def:43141 The host is missing a critical security update according to Mozilla advisory, MFSA2017-28. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to bypass security. oval:org.secpod.oval:def:43355 The host is missing a security update according to Mozilla advisory, MFSA 2017-30. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle to crafted data. Successful exploitation could allow attackers to disclose sensitive information, ... oval:org.secpod.oval:def:43138 Mozilla Firefox before 57.0.1, Mozilla Firefox ESR before 52.5.2 and Mozilla Thunderbird before 52.5.2:- A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the ... oval:org.secpod.oval:def:43142 The host is missing a critical security update according to Mozilla advisory, MFSA2017-29. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to bypass security. |