 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.856096 |
| Categoría: | openSUSE Local Security Checks |
| Título: | openSUSE Security Advisory (SUSE-SU-2024:1350-1) |
| Resumen: | The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:1350-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:1350-1 advisory. Vulnerability Insight: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR (MSFA 2024-19) (bsc#1222535): - CVE-2024-3852: GetBoundName in the JIT returned the wrong object - CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement - CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection - CVE-2024-2609: Permission prompt input delay could expire when not in focus - CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer - CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move - CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows - CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames - CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 Affected Software/OS: 'MozillaFirefox' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-2609 https://bugzilla.mozilla.org/show_bug.cgi?id=1866100 https://lists.debian.org/debian-lts-announce/2024/04/msg00012.html https://www.mozilla.org/security/advisories/mfsa2024-12/ https://www.mozilla.org/security/advisories/mfsa2024-19/ https://www.mozilla.org/security/advisories/mfsa2024-20/ https://lists.debian.org/debian-lts-announce/2024/04/msg00013.html Common Vulnerability Exposure (CVE) ID: CVE-2024-3302 VU#421644 - HTTP/2 CONTINUATION frames can be utilized for DoS attacks https://kb.cert.org/vuls/id/421644 https://bugzilla.mozilla.org/show_bug.cgi?id=1881183 https://www.mozilla.org/security/advisories/mfsa2024-18/ Common Vulnerability Exposure (CVE) ID: CVE-2024-3852 https://bugzilla.mozilla.org/show_bug.cgi?id=1883542 Common Vulnerability Exposure (CVE) ID: CVE-2024-3854 https://bugzilla.mozilla.org/show_bug.cgi?id=1884552 Common Vulnerability Exposure (CVE) ID: CVE-2024-3857 https://bugzilla.mozilla.org/show_bug.cgi?id=1886683 Common Vulnerability Exposure (CVE) ID: CVE-2024-3859 https://bugzilla.mozilla.org/show_bug.cgi?id=1874489 Common Vulnerability Exposure (CVE) ID: CVE-2024-3861 https://bugzilla.mozilla.org/show_bug.cgi?id=1883158 Common Vulnerability Exposure (CVE) ID: CVE-2024-3863 https://bugzilla.mozilla.org/show_bug.cgi?id=1885855 Common Vulnerability Exposure (CVE) ID: CVE-2024-3864 Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 https://bugzilla.mozilla.org/show_bug.cgi?id=1888333 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |