Ubuntu Security Notice 6562-2 - USN-6562-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code. George Pantela and Hubert Kario discovered that Firefox using multiple NSS NIST curves which were susceptible to a side-channel attack known as "Minerva". An attacker could potentially exploit this issue to obtain sensitive information. Andrew Osmond discovered that Firefox did not properly validate the textures produced by remote decoders. An attacker could potentially exploit this issue to escape the sandbox.
b0f78c407c1b7675cfb31191c04f588fe6093e29a445623eb97e433bacb31e61Red Hat Security Advisory 2024-0030-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.
920533d45299cbaa27b8b15caffec39c12d1ced2497dd488e9b9d328479bf1acRed Hat Security Advisory 2024-0029-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
f3fc79a27c4aa6ef022bd29649f726696c4e6156a9f6cc34243443e1cbe5ec56Red Hat Security Advisory 2024-0028-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.
91097daaf548ca8145e925af4686d507b743933e6d1da6fbb19bdabc259867b8Red Hat Security Advisory 2024-0027-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow and use-after-free vulnerabilities.
366186056da750e0f95c100f8f4beab367bb711a8938fb88e15a84421ee8b333Red Hat Security Advisory 2024-0026-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer overflow and use-after-free vulnerabilities.
48fab1b6642651f7a558dc1742d812c52c8ba81e1db570e96b27ed2beaaf7c2bRed Hat Security Advisory 2024-0024-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
506c60db89b2108650264ebf0b14111a3751bf2db6777d4d12ceb30a7711686fRed Hat Security Advisory 2024-0023-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.
2cfa4c2c76369cc60a89d74506e7cb875048c9cfa01f1cf0f61b625d5ffa6be0Red Hat Security Advisory 2024-0022-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
e2ef092e355c41f8111371d8575441ae47b89c273e5cc7e2536cda02c57af8f2Red Hat Security Advisory 2024-0003-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow and use-after-free vulnerabilities.
fa6c5e22829957631ce0414321e39c7a3a1db1855cea3467a529e40566e481ecUbuntu Security Notice 6563-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Marcus Brinkmann discovered that Thunderbird did not properly parse a PGP/MIME payload that contains digitally signed text. An attacker could potentially exploit this issue to spoof an email message.
e4db07847539dbbc6ea2de8030758116eeabaa195c34555d719a465328711716Ubuntu Security Notice 6562-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. DoHyun Lee discovered that Firefox did not properly manage memory when used on systems with the Mesa VM driver. An attacker could potentially exploit this issue to execute arbitrary code.
846eb8dfb861c9d01f55a7af89d743f497ce5cdc0267b02af79b4fb656b223f2Red Hat Security Advisory 2024-0025-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and use-after-free vulnerabilities.
fa5ab536a85403c971c962dd22171f5097eda052008756414660822467bc8e2cRed Hat Security Advisory 2024-0021-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.
b568042435b57df0ef9f64686966ff18a1e61c694fe0edce6977cbd3972022b0Red Hat Security Advisory 2024-0019-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
200ceae8541cc9d43a701bfe7de4e7e5225904a6efdc4e492c807c3fd399a09cRed Hat Security Advisory 2024-0012-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow and use-after-free vulnerabilities.
464a4b43822cd16e1386b0d9ce27a09bb55ee77ef507c9728e77655d8ed0ba34Red Hat Security Advisory 2024-0011-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
7f810fd09b80af0ab3cfd3fbc0e275e5a97486588ab3634ab84e28c56fb25d75Red Hat Security Advisory 2024-0005-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
b8008abb7d3eed77a2a169884b881a5f4c54cba9cde29d676092da14de31718fRed Hat Security Advisory 2024-0004-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
3e980db53d2ff082446a99a1ee6880201118d7f3449c69d6eb738df6e16bc278Red Hat Security Advisory 2024-0002-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
82cd894546126db59f3b8016ef7ae4b2523b1552d0dff7bdd0a87d70413035bdRed Hat Security Advisory 2024-0001-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and use-after-free vulnerabilities.
28f55feb5d70ea617ad4f40c9170241308663ee340b5b538eb4dc2f19753b622Debian Linux Security Advisory 5582-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing of signed PGP/MIME and SMIME emails.
b3f70726ef2fae015527060cb4b5e5d13980592e40aae2e78d1c509408fdb9b4Debian Linux Security Advisory 5581-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or clickjacking.
8e9ebae0bccbe4842bf36efe2bc7e6db305fad064c670f91a6bc7f76d2742daa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed