 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.856527 |
| Category: | openSUSE Local Security Checks |
| Title: | openSUSE Security Advisory (SUSE-SU-2024:3507-1) |
| Summary: | The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3507-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3507-1 advisory. Vulnerability Insight: This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 128.2.3 MFSA 2024-43 (bsc#1229821) * CVE-2024-8394: Crash when aborting verification of OTR chat. * CVE-2024-8385: WASM type confusion involving ArrayTypes. * CVE-2024-8381: Type confusion when looking up a property name in a 'with' block. * CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran. * CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions. * CVE-2024-8386: SelectElements could be shown over another site if popups are allowed. * CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. MFSA 2024-37 (bsc#1228648) * CVE-2024-7518: Fullscreen notification dialog can be obscured by document content. * CVE-2024-7519: Out of bounds memory access in graphics shared memory handling. * CVE-2024-7520: Type confusion in WebAssembly. * CVE-2024-7521: Incomplete WebAssembly exception handing. * CVE-2024-7522: Out of bounds read in editor component. * CVE-2024-7525: Missing permission check when creating a StreamFilter. * CVE-2024-7526: Uninitialized memory used by WebGL. * CVE-2024-7527: Use-after-free in JavaScript garbage collection. * CVE-2024-7528: Use-after-free in IndexedDB. * CVE-2024-7529: Document content could partially obscure security prompts. MFSA 2024-32 (bsc#1226316) * CVE-2024-6606: Out-of-bounds read in clipboard component. * CVE-2024-6607: Leaving pointerlock by pressing the escape key could be prevented. * CVE-2024-6608: Cursor could be moved out of the viewport using pointerlock. * CVE-2024-6609: Memory corruption in NSS. * CVE-2024-6610: Form validation popups could block exiting full-screen mode. * CVE-2024-6600: Memory corruption in WebGL API. * CVE-2024-6601: Race condition in permission assignment. * CVE-2024-6602: Memory corruption in NSS. * CVE-2024-6603: Memory corruption in thread creation. * CVE-2024-6611: Incorrect handling of SameSite cookies. * CVE-2024-6612: CSP violation leakage when using devtools. * CVE-2024-6613: Incorrect listing of stack frames. * CVE-2024-6614: Incorrect listing of stack frames. * CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, Thunderbird 128, and Thunderbird 115.13. * CVE-2024-6615: Memory safety bugs fixed in Firefox 128 and Thunderbird 128. Bug fixes: - Recommend libfido2-udev in order to try to get security keys (e.g. Yubikeys) working out of the box. (bsc#1184272) Affected Software/OS: 'MozillaThunderbird' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-6600 Common Vulnerability Exposure (CVE) ID: CVE-2024-6601 Common Vulnerability Exposure (CVE) ID: CVE-2024-6602 Common Vulnerability Exposure (CVE) ID: CVE-2024-6603 Common Vulnerability Exposure (CVE) ID: CVE-2024-6604 Common Vulnerability Exposure (CVE) ID: CVE-2024-6606 Common Vulnerability Exposure (CVE) ID: CVE-2024-6607 Common Vulnerability Exposure (CVE) ID: CVE-2024-6608 Common Vulnerability Exposure (CVE) ID: CVE-2024-6609 Common Vulnerability Exposure (CVE) ID: CVE-2024-6610 Common Vulnerability Exposure (CVE) ID: CVE-2024-6611 Common Vulnerability Exposure (CVE) ID: CVE-2024-6612 Common Vulnerability Exposure (CVE) ID: CVE-2024-6613 Common Vulnerability Exposure (CVE) ID: CVE-2024-6614 Common Vulnerability Exposure (CVE) ID: CVE-2024-6615 Common Vulnerability Exposure (CVE) ID: CVE-2024-7518 Common Vulnerability Exposure (CVE) ID: CVE-2024-7519 Common Vulnerability Exposure (CVE) ID: CVE-2024-7520 Common Vulnerability Exposure (CVE) ID: CVE-2024-7521 Common Vulnerability Exposure (CVE) ID: CVE-2024-7522 Common Vulnerability Exposure (CVE) ID: CVE-2024-7525 Common Vulnerability Exposure (CVE) ID: CVE-2024-7526 Common Vulnerability Exposure (CVE) ID: CVE-2024-7527 Common Vulnerability Exposure (CVE) ID: CVE-2024-7528 Common Vulnerability Exposure (CVE) ID: CVE-2024-7529 Common Vulnerability Exposure (CVE) ID: CVE-2024-8381 Common Vulnerability Exposure (CVE) ID: CVE-2024-8382 Common Vulnerability Exposure (CVE) ID: CVE-2024-8384 Common Vulnerability Exposure (CVE) ID: CVE-2024-8385 Common Vulnerability Exposure (CVE) ID: CVE-2024-8386 Common Vulnerability Exposure (CVE) ID: CVE-2024-8387 Common Vulnerability Exposure (CVE) ID: CVE-2024-8394 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |