Ubuntu Local Security Checks : Ubuntu: Security Advisory (USN-7334-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.12.2025.7334.1

Categoría: Ubuntu Local Security Checks

Título: Ubuntu: Security Advisory (USN-7334-1)

Resumen: The remote host is missing an update for the 'firefox' package(s) announced via the USN-7334-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'firefox' package(s) announced via the USN-7334-1 advisory.

Vulnerability Insight:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2025-1933,
CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937, CVE-2025-1942)

It was discovered that Firefox did not properly handle WebTransport
connection, leading to a use-after-free vulnerability. An attacker could
potentially exploit this issue to cause a denial of service.
(CVE-2025-1931)

Ivan Fratric discovered that Firefox did not properly handle XSLT sorting,
leading to a out-of-bounds access vulnerability. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2025-1932)

Affected Software/OS:
'firefox' package(s) on Ubuntu 20.04.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-1931
Common Vulnerability Exposure (CVE) ID: CVE-2025-1932
Common Vulnerability Exposure (CVE) ID: CVE-2025-1933
Common Vulnerability Exposure (CVE) ID: CVE-2025-1934
Common Vulnerability Exposure (CVE) ID: CVE-2025-1935
Common Vulnerability Exposure (CVE) ID: CVE-2025-1936
Common Vulnerability Exposure (CVE) ID: CVE-2025-1937
Common Vulnerability Exposure (CVE) ID: CVE-2025-1942

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.12.2025.7334.1
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu: Security Advisory (USN-7334-1)
Resumen:	The remote host is missing an update for the 'firefox' package(s) announced via the USN-7334-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'firefox' package(s) announced via the USN-7334-1 advisory. Vulnerability Insight: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2025-1933, CVE-2025-1934, CVE-2025-1935, CVE-2025-1936, CVE-2025-1937, CVE-2025-1942) It was discovered that Firefox did not properly handle WebTransport connection, leading to a use-after-free vulnerability. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2025-1931) Ivan Fratric discovered that Firefox did not properly handle XSLT sorting, leading to a out-of-bounds access vulnerability. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-1932) Affected Software/OS: 'firefox' package(s) on Ubuntu 20.04. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-1931 Common Vulnerability Exposure (CVE) ID: CVE-2025-1932 Common Vulnerability Exposure (CVE) ID: CVE-2025-1933 Common Vulnerability Exposure (CVE) ID: CVE-2025-1934 Common Vulnerability Exposure (CVE) ID: CVE-2025-1935 Common Vulnerability Exposure (CVE) ID: CVE-2025-1936 Common Vulnerability Exposure (CVE) ID: CVE-2025-1937 Common Vulnerability Exposure (CVE) ID: CVE-2025-1942
Copyright	Copyright (C) 2025 Greenbone AG