Vulnerabilities > CVE-2019-11733 - Improper Authentication vulnerability in Mozilla Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Authentication Abuse An attacker obtains unauthorized access to an application, service or device either through knowledge of the inherent weaknesses of an authentication mechanism, or by exploiting a flaw in the authentication scheme's implementation. In such an attack an authentication mechanism is functioning but a carefully controlled sequence of events causes the mechanism to grant access to the attacker. This attack may exploit assumptions made by the target's authentication procedures, such as assumptions regarding trust relationships or assumptions regarding the generation of secret values. This attack differs from Authentication Bypass attacks in that Authentication Abuse allows the attacker to be certified as a valid user through illegitimate means, while Authentication Bypass allows the user to access protected material without ever being certified as an authenticated user. This attack does not rely on prior sessions established by successfully authenticating users, as relied upon for the "Exploitation of Session Variables, Resource IDs and other Trusted Credentials" attack patterns.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Utilizing REST's Trust in the System Resource to Register Man in the Middle This attack utilizes a REST(REpresentational State Transfer)-style applications' trust in the system resources and environment to place man in the middle once SSL is terminated. Rest applications premise is that they leverage existing infrastructure to deliver web services functionality. An example of this is a Rest application that uses HTTP Get methods and receives a HTTP response with an XML document. These Rest style web services are deployed on existing infrastructure such as Apache and IIS web servers with no SOAP stack required. Unfortunately from a security standpoint, there frequently is no interoperable identity security mechanism deployed, so Rest developers often fall back to SSL to deliver security. In large data centers, SSL is typically terminated at the edge of the network - at the firewall, load balancer, or router. Once the SSL is terminated the HTTP request is in the clear (unless developers have hashed or encrypted the values, but this is rare). The attacker can utilize a sniffer such as Wireshark to snapshot the credentials, such as username and password that are passed in the clear once SSL is terminated. Once the attacker gathers these credentials, they can submit requests to the web service provider just as authorized user do. There is not typically an authentication on the client side, beyond what is passed in the request itself so once this is compromised, then this is generally sufficient to compromise the service's authentication scheme.
- Man in the Middle Attack This type of attack targets the communication between two components (typically client and server). The attacker places himself in the communication channel between the two components. Whenever one component attempts to communicate with the other (data flow, authentication challenges, etc.), the data first goes to the attacker, who has the opportunity to observe or alter it, and it is then passed on to the other component as if it was never intercepted. This interposition is transparent leaving the two compromised components unaware of the potential corruption or leakage of their communications. The potential for Man-in-the-Middle attacks yields an implicit lack of trust in communication or identify between two components.
Nessus
NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2020-0017_FIREFOX.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user last seen 2020-03-18 modified 2020-03-11 plugin id 134411 published 2020-03-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134411 title NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0017) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from ZTE advisory NS-SA-2020-0017. The text # itself is copyright (C) ZTE, Inc. include('compat.inc'); if (description) { script_id(134411); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/13"); script_cve_id( "CVE-2019-9811", "CVE-2019-9812", "CVE-2019-11707", "CVE-2019-11708", "CVE-2019-11709", "CVE-2019-11711", "CVE-2019-11712", "CVE-2019-11713", "CVE-2019-11715", "CVE-2019-11717", "CVE-2019-11730", "CVE-2019-11733", "CVE-2019-11740", "CVE-2019-11742", "CVE-2019-11743", "CVE-2019-11744", "CVE-2019-11746", "CVE-2019-11752", "CVE-2019-11757", "CVE-2019-11758", "CVE-2019-11759", "CVE-2019-11760", "CVE-2019-11761", "CVE-2019-11762", "CVE-2019-11763", "CVE-2019-11764", "CVE-2019-17005", "CVE-2019-17008", "CVE-2019-17010", "CVE-2019-17011", "CVE-2019-17012" ); script_bugtraq_id(108810, 108835, 109086); script_name(english:"NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0017)"); script_set_attribute(attribute:"synopsis", value: "The remote machine is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2. (CVE-2019-11708) - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2. (CVE-2019-11707) - Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11709) - When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11711) - POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11712) - A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11713) - Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11715) - A vulnerability exists where the caret (^) character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11717) - A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-11730) - As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. (CVE-2019-9811) - When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item without re- entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords. This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2. (CVE-2019-11733) - Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69. (CVE-2019-9812) - Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11740) - A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11742) - Navigation events were not fully adhering to the W3C's Navigation-Timing Level 2 draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11743) - Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11744) - A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11746) - It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. (CVE-2019-11752) - When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use- after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11757) - Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11758) - If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11762) - Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11763) - Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11764) - An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11759) - A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11760) - By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. (CVE-2019-11761) - Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after- free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. (CVE-2019-17010) - Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. (CVE-2019-17011) - Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. (CVE-2019-17012) - When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. (CVE-2019-17008) - The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. (CVE-2019-17005) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2020-0017"); script_set_attribute(attribute:"solution", value: "Upgrade the vulnerable CGSL firefox packages. Note that updated packages may not be available yet. Please contact ZTE for more information."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11708"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/23"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/11"); script_set_attribute(attribute:"plugin_type", value:"local"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"NewStart CGSL Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/ZTE-CGSL/release"); if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux"); if (release !~ "CGSL MAIN 4.05") audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05'); if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu); flag = 0; pkgs = { "CGSL MAIN 4.05": [ "firefox-68.4.1-1.el6.centos", "firefox-debuginfo-68.4.1-1.el6.centos" ] }; pkg_list = pkgs[release]; foreach (pkg in pkg_list) if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox"); }
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-2694.NASL description From Red Hat Security Advisory 2019:2694 : An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-05-31 modified 2019-09-11 plugin id 128656 published 2019-09-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128656 title Oracle Linux 6 : firefox (ELSA-2019-2694) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:2694 and # Oracle Linux Security Advisory ELSA-2019-2694 respectively. # include("compat.inc"); if (description) { script_id(128656); script_version("1.7"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/29"); script_cve_id("CVE-2019-11733", "CVE-2019-11740", "CVE-2019-11742", "CVE-2019-11743", "CVE-2019-11744", "CVE-2019-11746", "CVE-2019-11752", "CVE-2019-9812"); script_xref(name:"RHSA", value:"2019:2694"); script_name(english:"Oracle Linux 6 : firefox (ELSA-2019-2694)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2019:2694 : An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in 'Saved Logins' can be copied without master password entry (CVE-2019-11733) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2019-September/009134.html" ); script_set_attribute( attribute:"solution", value:"Update the affected firefox package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11752"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:firefox"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/09/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/11"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL6", reference:"firefox-60.9.0-1.0.1.el6_10", allowmaj:TRUE)) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2694.NASL description An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-05-31 modified 2019-09-11 plugin id 128660 published 2019-09-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128660 title RHEL 6 : firefox (RHSA-2019:2694) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0192_FIREFOX.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - When a master password is set, it is required to be entered again before stored passwords can be accessed in the last seen 2020-06-01 modified 2020-06-02 plugin id 129926 published 2019-10-15 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129926 title NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2019-0192) NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_68_0_2.NASL description The version of Firefox installed on the remote macOS or Mac OS X host is prior to 68.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2019-24 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2019-08-22 plugin id 128059 published 2019-08-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128059 title Mozilla Firefox < 68.0.2 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2663.NASL description An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 24 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 (CVE-2019-11735) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743) * Mozilla: Persistence of WebRTC permissions in a third party context (CVE-2019-11748) * Mozilla: Camera information available without prompting using getUserMedia (CVE-2019-11749) * Mozilla: Type confusion in Spidermonkey (CVE-2019-11750) * Mozilla: Content security policy bypass through hash-based sources in directives (CVE-2019-11738) * Mozilla: last seen 2020-05-31 modified 2019-09-05 plugin id 128517 published 2019-09-05 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128517 title RHEL 8 : firefox (RHSA-2019:2663) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2251.NASL description This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. (bsc#1140868) - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. (bsc#1149294) - CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868) - CVE-2019-11714: Fixed a potentially exploitable crash in Necko. (bsc#1140868) - CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868) - CVE-2019-11718: Fixed inadequate sanitation in the Activity Stream component. (bsc#1140868) - CVE-2019-11720: Fixed a character encoding XSS vulnerability. (bsc#1140868) - CVE-2019-11721: Fixed a homograph domain spoofing issue through unicode latin last seen 2020-06-01 modified 2020-06-02 plugin id 129664 published 2019-10-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129664 title openSUSE Security Update : MozillaFirefox (openSUSE-2019-2251) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4101-1.NASL description It was discovered that passwords could be copied to the clipboard from the last seen 2020-06-01 modified 2020-06-02 plugin id 128026 published 2019-08-20 reporter Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128026 title Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : firefox vulnerability (USN-4101-1) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_0F31B4E9C82711E99626589CFC01894A.NASL description Mozilla Foundation reports : CVE-2019-11733: Stored passwords in last seen 2020-06-01 modified 2020-06-02 plugin id 128308 published 2019-08-29 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128308 title FreeBSD : Mozilla -- Stored passwords in 'Saved Logins' can be copied without master password entry (0f31b4e9-c827-11e9-9626-589cfc01894a) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-2729.NASL description From Red Hat Security Advisory 2019:2729 : An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-05-31 modified 2019-09-12 plugin id 128747 published 2019-09-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128747 title Oracle Linux 7 : firefox (ELSA-2019-2729) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0233_FIREFOX.NASL description The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When a master password is set, it is required to be entered again before stored passwords can be accessed in the last seen 2020-06-01 modified 2020-06-02 plugin id 132503 published 2019-12-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132503 title NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0233) NASL family Windows NASL id MOZILLA_FIREFOX_68_0_2_ESR.NASL description The version of Firefox ESR installed on the remote Windows host is prior to 68.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2019-24 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2019-08-22 plugin id 128062 published 2019-08-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128062 title Mozilla Firefox ESR < 68.0.2 NASL family Windows NASL id MOZILLA_FIREFOX_68_0_2.NASL description The version of Firefox installed on the remote Windows host is prior to 68.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2019-24 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2019-08-22 plugin id 128061 published 2019-08-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128061 title Mozilla Firefox < 68.0.2 NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2545-1.NASL description This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. (bsc#1140868) CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. (bsc#1149294) CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868) CVE-2019-11714: Fixed a potentially exploitable crash in Necko. (bsc#1140868) CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868) CVE-2019-11718: Fixed inadequate sanitation in the Activity Stream component. (bsc#1140868) CVE-2019-11720: Fixed a character encoding XSS vulnerability. (bsc#1140868) CVE-2019-11721: Fixed a homograph domain spoofing issue through unicode latin last seen 2020-06-01 modified 2020-06-02 plugin id 129583 published 2019-10-04 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129583 title SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:2545-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2620-1.NASL description This update for MozillaFirefox fixes the following issues : Updated to new ESR version 68.1 (bsc#1149323). In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735. Several run-time issues were also resolved (bsc#1117473, bsc#1124525, bsc#1133810). The version displayed in Help > About is now correct (bsc#1087200). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 129772 published 2019-10-10 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129772 title SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2019:2620-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2260.NASL description This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. (bsc#1140868) - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. (bsc#1149294) - CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868) - CVE-2019-11714: Fixed a potentially exploitable crash in Necko. (bsc#1140868) - CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868) - CVE-2019-11718: Fixed inadequate sanitation in the Activity Stream component. (bsc#1140868) - CVE-2019-11720: Fixed a character encoding XSS vulnerability. (bsc#1140868) - CVE-2019-11721: Fixed a homograph domain spoofing issue through unicode latin last seen 2020-06-01 modified 2020-06-02 plugin id 129665 published 2019-10-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129665 title openSUSE Security Update : MozillaFirefox (openSUSE-2019-2260) NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_68_0_2_ESR.NASL description The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2019-24 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2019-08-22 plugin id 128060 published 2019-08-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128060 title Mozilla Firefox ESR < 68.0.2 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-2694.NASL description An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-06-01 modified 2020-06-02 plugin id 128976 published 2019-09-18 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128976 title CentOS 6 : firefox (CESA-2019:2694) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2729.NASL description An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-05-31 modified 2019-09-16 plugin id 128853 published 2019-09-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128853 title RHEL 7 : firefox (RHSA-2019:2729) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-2729.NASL description An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 25 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in last seen 2020-06-01 modified 2020-06-02 plugin id 129023 published 2019-09-19 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129023 title CentOS 7 : firefox (CESA-2019:2729) NASL family Scientific Linux Local Security Checks NASL id SL_20190910_FIREFOX_ON_SL6_X.NASL description This update upgrades Firefox to version 60.9.0 ESR. Security Fix(es): - Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) - Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) - Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) - Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) - Mozilla: Use-after-free while manipulating video (CVE-2019-11746) - Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) - firefox: stored passwords in last seen 2020-05-31 modified 2019-09-11 plugin id 128667 published 2019-09-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128667 title Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20190910) NASL family Scientific Linux Local Security Checks NASL id SL_20190911_FIREFOX_ON_SL7_X.NASL description Security Fix(es) : - Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) - Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) - Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) - Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) - Mozilla: Use-after-free while manipulating video (CVE-2019-11746) - Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) - firefox: stored passwords in last seen 2020-05-31 modified 2019-09-16 plugin id 128861 published 2019-09-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128861 title Scientific Linux Security Update : firefox on SL7.x x86_64 (20190911) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2019-2663.NASL description From Red Hat Security Advisory 2019:2663 : An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 24 September 2019] Previously, this erratum was marked as having a security impact of Critical. This was incorrect; the security impact of this erratum has been changed to Important, to correctly reflect the highest impact rating of CVE fixes included in this release. No changes have been made to the packages. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.1.0 ESR. Security Fix(es) : * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 (CVE-2019-11735) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743) * Mozilla: Persistence of WebRTC permissions in a third party context (CVE-2019-11748) * Mozilla: Camera information available without prompting using getUserMedia (CVE-2019-11749) * Mozilla: Type confusion in Spidermonkey (CVE-2019-11750) * Mozilla: Content security policy bypass through hash-based sources in directives (CVE-2019-11738) * Mozilla: last seen 2020-05-31 modified 2019-09-09 plugin id 128599 published 2019-09-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128599 title Oracle Linux 8 : firefox (ELSA-2019-2663)
Redhat
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1565780
- https://bugzilla.mozilla.org/show_bug.cgi?id=1565780
- https://www.mozilla.org/security/advisories/mfsa2019-24/
- https://www.mozilla.org/security/advisories/mfsa2019-24/