Vulnerabilities > CVE-2019-15903 - XML Entity Expansion vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
libexpat-project
python
CWE-776
nessus

Summary

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

Vulnerable Configurations

Part Description Count
Application
Libexpat_Project
22
Application
Python
146

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0302-1.NASL
    descriptionThis update for python36 to version 3.6.10 fixes the following issues : CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ signs (bsc#1149955). CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133448
    published2020-02-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133448
    titleSUSE SLES12 Security Update : python36 (SUSE-SU-2020:0302-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2020:0302-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133448);
      script_version("1.2");
      script_cvs_date("Date: 2020/02/06");
    
      script_cve_id("CVE-2017-18207", "CVE-2018-1000802", "CVE-2018-1060", "CVE-2018-20852", "CVE-2019-10160", "CVE-2019-15903", "CVE-2019-16056", "CVE-2019-5010", "CVE-2019-9636", "CVE-2019-9947");
    
      script_name(english:"SUSE SLES12 Security Update : python36 (SUSE-SU-2020:0302-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for python36 to version 3.6.10 fixes the following 
    issues :
    
    CVE-2017-18207: Fixed a denial of service in
    Wave_read._read_fmt_chunk() (bsc#1083507).
    
    CVE-2019-16056: Fixed an issue where email parsing could fail for
    multiple @ signs (bsc#1149955).
    
    CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat
    (bsc#1149429).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1027282"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1029377"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1081750"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1083507"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1086001"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1088009"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1094814"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1109663"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137942"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138459"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1141853"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149121"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149429"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149792"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1149955"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1151490"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159035"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1159622"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=709442"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=951166"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=983582"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-18207/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-1000802/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-1060/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-20852/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-10160/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-15903/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-16056/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-5010/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-9636/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-9947/"
      );
      # https://www.suse.com/support/update/announcement/2020/suse-su-20200302-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?68a41617"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server 12-SP5 :
    
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-302=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython3_6m1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython3_6m1_0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36-base-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python36-debugsource");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/01");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libpython3_6m1_0-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"libpython3_6m1_0-debuginfo-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-base-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-base-debuginfo-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-base-debugsource-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-debuginfo-3.6.10-4.3.5")) flag++;
    if (rpm_check(release:"SLES12", sp:"5", reference:"python36-debugsource-3.6.10-4.3.5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python36");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_HT210788.NASL
    descriptionThe remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2019-007, 10.14.x prior to 10.14.6 Security Update 2019-002, or 10.15.x prior to 10.15.2. It is, therefore, affected by multiple vulnerabilities : - slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. (CVE-2012-1164) - libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. (CVE-2012-2668) - The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. (CVE-2013-4449) - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request. (CVE-2015-1545) - tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. (CVE-2017-16808) - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103) - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105) - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). (CVE-2018-14461) - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). (CVE-2018-14462) - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). (CVE-2018-14463) - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464) - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). (CVE-2018-14465) - The Rx parser in tcpdump before 4.9.3 has a buffer over- read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466) - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467) - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). (CVE-2018-14468) - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). (CVE-2018-14469) - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). (CVE-2018-14470) - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). (CVE-2018-14879) - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). (CVE-2018-14880) - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881) - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882) - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227) - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). (CVE-2018-16228) - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). (CVE-2018-16229) - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230) - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300) - libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading. (CVE-2018-16301) - The SMB parser in tcpdump before 4.9.3 has buffer over- reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. (CVE-2018-16451) - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. (CVE-2018-16452) - An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.) (CVE-2019-13057) - An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. (CVE-2019-13565) - rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. (CVE-2019-15161) - rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. (CVE-2019-15162) - rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. (CVE-2019-15163) - rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. (CVE-2019-15164) - sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. (CVE-2019-15165) - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. (CVE-2019-15166) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the operating system
    last seen2020-06-01
    modified2020-06-02
    plugin id131957
    published2019-12-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131957
    titlemacOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_THUNDERBIRD_68_2.NASL
    descriptionThe version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-35 advisory. - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130364
    published2019-10-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130364
    titleMozilla Thunderbird < 68.2
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4530.NASL
    descriptionIt was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed.
    last seen2020-06-01
    modified2020-06-02
    plugin id129108
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129108
    titleDebian DSA-4530-1 : expat - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2103.NASL
    descriptionAccording to the version of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-03
    modified2019-11-12
    plugin id130812
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130812
    titleEulerOS 2.0 SP8 : expat (EulerOS-SA-2019-2103)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0215_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id131405
    published2019-12-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131405
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0215)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2204.NASL
    descriptionThis update for expat fixes the following issues : Security issues fixed : - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id129456
    published2019-09-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129456
    titleopenSUSE Security Update : expat (openSUSE-2019-2204)
  • NASL familyWindows
    NASL idMOZILLA_THUNDERBIRD_68_2.NASL
    descriptionThe version of Thunderbird installed on the remote Windows host is prior to 68.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-35 advisory. - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130365
    published2019-10-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130365
    titleMozilla Thunderbird < 68.2
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-3756.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-11-14
    plugin id130977
    published2019-11-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130977
    titleCentOS 6 : thunderbird (CESA-2019:3756)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3237.NASL
    descriptionFrom Red Hat Security Advisory 2019:3237 : An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-31
    plugin id130415
    published2019-10-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130415
    titleOracle Linux 8 : thunderbird (ELSA-2019-3237)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2433.NASL
    descriptionAccording to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.(CVE-2016-9063) - XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.(CVE-2017-9233) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-12-04
    plugin id131587
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131587
    titleEulerOS 2.0 SP2 : expat (EulerOS-SA-2019-2433)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3210.NASL
    descriptionFrom Red Hat Security Advisory 2019:3210 : An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-31
    plugin id130414
    published2019-10-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130414
    titleOracle Linux 7 : thunderbird (ELSA-2019-3210)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-293-01.NASL
    descriptionNew python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130079
    published2019-10-21
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130079
    titleSlackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-613EDFE68B.NASL
    descriptionThis update of `expat` fixes the following security issue : - **CVE-2019-15903** -- Fix heap overflow triggered by `XML_GetCurrentLineNumber` (or `XML_GetCurrentColumnNumber`), and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where `XML_StopParser` did not have any effect when called from inside of an end element handler - xmlwf: Fix exit code for operation without
    last seen2020-06-01
    modified2020-06-02
    plugin id129620
    published2019-10-07
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129620
    titleFedora 31 : expat (2019-613edfe68b)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_9B7491FBF25311E9A50C000C29C4DC65.NASL
    descriptionPython changelog : bpo-38243: Escape the server title of xmlrpc.server.DocXMLRPCServer when rendering the document page as HTML. bpo-38174: Update vendorized expat library version to 2.2.8, which resolves CVE-2019-15903. bpo-37764: Fixes email._header_value_parser.get_unstructured going into an infinite loop for a specific case in which the email header does not have trailing whitespace, and the case in which it contains an invalid encoded word. bpo-37461: Fix an infinite loop when parsing specially crafted email headers. bpo-34155: Fix parsing of invalid email addresses with more than one @ (e.g. a@[email protected].) to not return the part before 2nd @ as valid email address.
    last seen2020-06-01
    modified2020-06-02
    plugin id130077
    published2019-10-21
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130077
    titleFreeBSD : python 3.7 -- multiple vulnerabilities (9b7491fb-f253-11e9-a50c-000c29c4dc65)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-295-01.NASL
    descriptionNew mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130158
    published2019-10-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130158
    titleSlackware 14.2 / current : mozilla-firefox (SSA:2019-295-01)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3193.NASL
    descriptionFrom Red Hat Security Advisory 2019:3193 : An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-24
    plugin id130184
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130184
    titleOracle Linux 7 : firefox (ELSA-2019-3193)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2871-1.NASL
    descriptionThis update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Non-security issues fixed: Added Provides-line for translations-common (bsc#1153423) . Moved some settings from branding-package here (bsc#1153869). Disabled DoH by default. Changes in MozillaFirefox-branding-SLE: Moved extensions preferences to core package (bsc#1153869). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130449
    published2019-11-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130449
    titleSUSE SLED15 / SLES15 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2019:2871-1)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20191029_THUNDERBIRD_ON_SL7_X.NASL
    descriptionThis update upgrades Thunderbird to version 68.2.0. Security Fix(es) : - Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) - Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) - Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) - Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) - Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) - Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) - Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) - Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) - expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
    last seen2020-05-31
    modified2019-10-30
    plugin id130386
    published2019-10-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130386
    titleScientific Linux Security Update : thunderbird on SL7.x x86_64 (20191029)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4165-1.NASL
    descriptionMultiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, bypass content security policy (CSP) protections, or execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130200
    published2019-10-24
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130200
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : firefox vulnerabilities (USN-4165-1)
  • NASL familyMisc.
    NASL idAPPLETV_13_3.NASL
    descriptionAccording to its banner, the version of Apple TV on the remote device is prior to 13.3. It is therefore affected by multiple vulnerabilities as described in the HT210790
    last seen2020-06-01
    modified2020-06-02
    plugin id132045
    published2019-12-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132045
    titleApple TV < 13.3 Multiple Vulnerabilities
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2145.NASL
    descriptionAccording to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.(CVE-2016-9063) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-11-12
    plugin id130854
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130854
    titleEulerOS 2.0 SP5 : expat (EulerOS-SA-2019-2145)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1987.NASL
    descriptionMultiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases (ESR) of Firefox. Support for the 60.x series has ended, so starting with this update we
    last seen2020-06-01
    modified2020-06-02
    plugin id130772
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130772
    titleDebian DLA-1987-1 : firefox-esr security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-672AE0F060.NASL
    descriptionThis update of `expat` fixes the following security issue : - **CVE-2019-15903** -- Fix heap overflow triggered by `XML_GetCurrentLineNumber` (or `XML_GetCurrentColumnNumber`), and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where `XML_StopParser` did not have any effect when called from inside of an end element handler - xmlwf: Fix exit code for operation without
    last seen2020-06-01
    modified2020-06-02
    plugin id129511
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129511
    titleFedora 29 : expat (2019-672ae0f060)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2440-1.NASL
    descriptionThis update for expat fixes the following issues : Security issue fixed : CVE-2019-15903: Fixed a heap-based buffer over-read caused by crafted XML documents. (bsc#1149429) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129288
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129288
    titleSUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2019:2440-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2872-1.NASL
    descriptionThis update for MozillaFirefox to 68.2.0 ESR fixes the following issues : Mozilla Firefox was updated to version 68.2.0 ESR (bsc#1154738). Security issues fixed : CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Non-security issues fixed: Firefox 60.7 ESR changed the user interface language (bsc#1137990). Wrong Firefox GUI Language (bsc#1120374). Fixed an inadvertent crash report transmission without user opt-in (bsc#1074235). Firefox hangs randomly when browsing and scrolling (bsc#1043008). Firefox stops loading page until mouse is moved (bsc#1025108). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130450
    published2019-11-01
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130450
    titleSUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2019:2872-1)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_70_0.NASL
    descriptionThe version of Firefox installed on the remote Windows host is prior to 70.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-34 advisory, including the following: - Incorrect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (CVE-2018-6156) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) - When storing a value in IndexedDB, the value
    last seen2020-06-01
    modified2020-06-02
    plugin id130170
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130170
    titleMozilla Firefox < 70.0 Multiple Vulnerabilities
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4202-2.NASL
    descriptionUSN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details : It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. (CVE-2019-11755) Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764) A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-15903). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132011
    published2019-12-12
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132011
    titleUbuntu 18.04 LTS / 19.10 : thunderbird regression (USN-4202-2)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4132-1.NASL
    descriptionIt was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128874
    published2019-09-16
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128874
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 : expat vulnerability (USN-4132-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1075.NASL
    descriptionAccording to the version of the expat packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132829
    published2020-01-13
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132829
    titleEulerOS Virtualization for ARM 64 3.0.5.0 : expat (EulerOS-SA-2020-1075)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3210.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-30
    plugin id130371
    published2019-10-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130371
    titleRHEL 7 : thunderbird (RHSA-2019:3210)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0003_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) - When following the value
    last seen2020-06-01
    modified2020-06-02
    plugin id133071
    published2020-01-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133071
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0003)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-3193.NASL
    descriptionAn update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-03-17
    modified2019-11-01
    plugin id130434
    published2019-11-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130434
    titleCentOS 7 : firefox (CESA-2019:3193)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-3210.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-11-01
    plugin id130436
    published2019-11-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130436
    titleCentOS 7 : thunderbird (CESA-2019:3210)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4335-1.NASL
    descriptionMultiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-11745) It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. (CVE-2019-11755) A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-15903) It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792) Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795, CVE-2020-6822) It was discovered that if a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. (CVE-2020-6794) It was discovered that the Devtools
    last seen2020-05-08
    modified2020-04-22
    plugin id135896
    published2020-04-22
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135896
    titleUbuntu 16.04 LTS : thunderbird vulnerabilities (USN-4335-1)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_GOOGLE_CHROME_78_0_3904_70.NASL
    descriptionThe version of Google Chrome installed on the remote macOS host is prior to 78.0.3904.70. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_10_stable-channel-update-for-desktop_22 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130274
    published2019-10-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130274
    titleGoogle Chrome < 78.0.3904.70 Multiple Vulnerabilities
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1445.NASL
    descriptionAccording to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.(CVE-2017-9233) - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.(CVE-2016-9063) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-04-30
    modified2020-04-16
    plugin id135607
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135607
    titleEulerOS Virtualization 3.0.2.2 : expat (EulerOS-SA-2020-1445)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3196.NASL
    descriptionFrom Red Hat Security Advisory 2019:3196 : An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-25
    plugin id130247
    published2019-10-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130247
    titleOracle Linux 8 : firefox (ELSA-2019-3196)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20191106_THUNDERBIRD_ON_SL6_X.NASL
    descriptionThis update upgrades Thunderbird to version 68.2.0. Security Fix(es) : - Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) - Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) - Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) - Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) - Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) - Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) - Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) - Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) - expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
    last seen2020-05-31
    modified2019-11-08
    plugin id130750
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130750
    titleScientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20191106)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2420.NASL
    descriptionThis update for chromium, re2 fixes the following issues : Chromium was updated to 78.0.3904.70 boo#1154806 : - CVE-2019-13699: Use-after-free in media - CVE-2019-13700: Buffer overrun in Blink - CVE-2019-13701: URL spoof in navigation - CVE-2019-13702: Privilege elevation in Installer - CVE-2019-13703: URL bar spoofing - CVE-2019-13704: CSP bypass - CVE-2019-13705: Extension permission bypass - CVE-2019-13706: Out-of-bounds read in PDFium - CVE-2019-13707: File storage disclosure - CVE-2019-13708: HTTP authentication spoof - CVE-2019-13709: File download protection bypass - CVE-2019-13710: File download protection bypass - CVE-2019-13711: Cross-context information leak - CVE-2019-15903: Buffer overflow in expat - CVE-2019-13713: Cross-origin data leak - CVE-2019-13714: CSS injection - CVE-2019-13715: Address bar spoofing - CVE-2019-13716: Service worker state error - CVE-2019-13717: Notification obscured - CVE-2019-13718: IDN spoof - CVE-2019-13719: Notification obscured - Various fixes from internal audits, fuzzing and other initiatives - Use internal resources for icon and appdata
    last seen2020-05-31
    modified2019-11-04
    plugin id130500
    published2019-11-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130500
    titleopenSUSE Security Update : chromium / re2 (openSUSE-2019-2420)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1376.NASL
    descriptionSeveral memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.(CVE-2019-11764) A flaw was discovered in both Firefox and Thunderbird where 4 bytes of a HMAC output could be written past the end of a buffer stored on the memory stack. This could allow an attacker to execute arbitrary code or lead to a crash. This flaw can be exploited over the network.(CVE-2019-11759) A flaw was found in Mozilla Firefox and Thunderbird where null bytes were incorrectly parsed in HTML entities. This could lead to HTML comments being treated as code which could lead to XSS in a web application or HTML entities being masked from filters.(CVE-2019-11763) A vulnerability was found in Mozilla Firefox and Thunderbird. Privileged JSONView objects that have been cloned into content can be accessed using a form with a data URI. This flaw bypasses existing defense-in-depth mechanisms and can be exploited over the network.(CVE-2019-11761) A flaw was discovered in Mozilla Firefox and Thunderbird where a fixed-stack buffer overflow could occur during WebRTC signalling. The vulnerability could lead to an exploitable crash or leak data.(CVE-2019-11760) A use-after-free flaw was found in Mozilla Firefox and Thunderbird. When following a value
    last seen2020-05-31
    modified2019-12-19
    plugin id132264
    published2019-12-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132264
    titleAmazon Linux 2 : thunderbird (ALAS-2019-1376)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2205.NASL
    descriptionThis update for expat fixes the following issues : Security issues fixed : - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id129457
    published2019-09-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129457
    titleopenSUSE Security Update : expat (openSUSE-2019-2205)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2429-1.NASL
    descriptionThis update for expat fixes the following issues : Security issues fixed : CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129283
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129283
    titleSUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2019:2429-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2464.NASL
    descriptionThis update for MozillaThunderbird to version 68.2.1 provides the following fixes : - Security issues fixed (bsc#1154738) : - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Other fixes (bsc#1153879) : - Some attachments couldn
    last seen2020-06-01
    modified2020-06-02
    plugin id130937
    published2019-11-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130937
    titleopenSUSE Security Update : MozillaThunderbird (openSUSE-2019-2464)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_FIREFOX_68_2_ESR.NASL
    descriptionThe version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-33 advisory, including the following: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) could then result in a heap-based buffer over-read. (CVE-2019-15903) - A use-after-free vulnerability exists in IndexedDB when creating updates. When following the value
    last seen2020-06-01
    modified2020-06-02
    plugin id130171
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130171
    titleMozilla Firefox ESR 68.x < 68.2 Multiple Vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1997.NASL
    descriptionMultiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 60.x series has ended, so starting with this update we
    last seen2020-06-01
    modified2020-06-02
    plugin id131136
    published2019-11-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131136
    titleDebian DLA-1997-1 : thunderbird security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2459.NASL
    descriptionThis update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Non-security issues fixed : - Added Provides-line for translations-common (bsc#1153423) . - Moved some settings from branding-package here (bsc#1153869). - Disabled DoH by default. Changes in MozillaFirefox-branding-SLE : - Moved extensions preferences to core package (bsc#1153869). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-05-31
    modified2019-11-12
    plugin id130890
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130890
    titleopenSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2459)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOS_FIREFOX_70_0.NASL
    descriptionThe version of Firefox installed on the remote macOS or Mac OS X host is prior to 70.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-34 advisory, including the following: - Incorrect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (CVE-2018-6156) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) - When storing a value in IndexedDB, the value
    last seen2020-06-01
    modified2020-06-02
    plugin id130169
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130169
    titleMozilla Firefox < 70.0 Multiple Vulnerabilities
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-259-01.NASL
    descriptionNew expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id128963
    published2019-09-17
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128963
    titleSlackware 14.0 / 14.1 / 14.2 / current : expat (SSA:2019-259-01)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0022_THUNDERBIRD.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user
    last seen2020-03-18
    modified2020-03-11
    plugin id134410
    published2020-03-11
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134410
    titleNewStart CGSL MAIN 4.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0022)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0114-1.NASL
    descriptionThis update for python3 to version 3.6.10 fixes the following issues : CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133036
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133036
    titleSUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1217.NASL
    descriptionAccording to the versions of the expat packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.(CVE-2016-9063) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-19
    modified2020-03-13
    plugin id134506
    published2020-03-13
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134506
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : expat (EulerOS-SA-2020-1217)
  • NASL familyWindows
    NASL idITUNES_12_10_3.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is prior to 12.10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210793 advisory. - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id132416
    published2019-12-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132416
    titleApple iTunes < 12.10.3 Multiple Vulnerabilities (credentialed check)
  • NASL familyWindows
    NASL idMOZILLA_FIREFOX_68_2_ESR.NASL
    descriptionThe version of Firefox ESR installed on the remote Windows host is prior to 68.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-33 advisory, including the following: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) could then result in a heap-based buffer over-read. (CVE-2019-15903) - A use-after-free vulnerability exists in IndexedDB when creating updates. When following the value
    last seen2020-06-01
    modified2020-06-02
    plugin id130172
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130172
    titleMozilla Firefox ESR 68.x < 68.2 Multiple vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3237.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-30
    plugin id130382
    published2019-10-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130382
    titleRHEL 8 : thunderbird (RHSA-2019:3237)
  • NASL familyWindows
    NASL idGOOGLE_CHROME_78_0_3904_70.NASL
    descriptionThe version of Google Chrome installed on the remote Windows host is prior to 78.0.3904.70. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_10_stable-channel-update-for-desktop_22 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id130275
    published2019-10-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130275
    titleGoogle Chrome < 78.0.3904.70 Multiple Vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201911-08.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201911-08 (Expat: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id131268
    published2019-11-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131268
    titleGLSA-201911-08 : Expat: Multiple vulnerabilities
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_12_10_3_BANNER.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is prior to 12.10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210793 advisory. - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. (CVE-2019-15903) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id132415
    published2019-12-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132415
    titleApple iTunes < 12.10.3 Multiple Vulnerabilities (uncredentialed check)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-86.NASL
    descriptionThis update for python3 to version 3.6.10 fixes the following issues : - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id133172
    published2020-01-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133172
    titleopenSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3196.NASL
    descriptionAn update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-25
    plugin id130248
    published2019-10-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130248
    titleRHEL 8 : firefox (RHSA-2019:3196)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4571.NASL
    descriptionMultiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 60.x series has ended, so starting with this update we
    last seen2020-06-01
    modified2020-06-02
    plugin id131139
    published2019-11-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131139
    titleDebian DSA-4571-1 : thunderbird - security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4549.NASL
    descriptionMultiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases (ESR) of Firefox. Support for the 60.x series has ended, so starting with this update we
    last seen2020-06-01
    modified2020-06-02
    plugin id130288
    published2019-10-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130288
    titleDebian DSA-4549-1 : firefox-esr - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2256.NASL
    descriptionAccording to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.(CVE-2016-9063) - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.(CVE-2019-15903) - XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.(CVE-2017-9233) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-08
    modified2019-11-08
    plugin id130718
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130718
    titleEulerOS 2.0 SP3 : expat (EulerOS-SA-2019-2256)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2452.NASL
    descriptionThis update for MozillaThunderbird to version 68.2.1 provides the following fixes : - Security issues fixed (bsc#1154738) : - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Other fixes (bsc#1153879) : - Some attachments couldn
    last seen2020-06-01
    modified2020-06-02
    plugin id130936
    published2019-11-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130936
    titleopenSUSE Security Update : MozillaThunderbird (openSUSE-2019-2452)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-9505C6B555.NASL
    descriptionThis update of `expat` fixes the following security issue : - **CVE-2019-15903** -- Fix heap overflow triggered by `XML_GetCurrentLineNumber` (or `XML_GetCurrentColumnNumber`), and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where `XML_StopParser` did not have any effect when called from inside of an end element handler - xmlwf: Fix exit code for operation without
    last seen2020-06-01
    modified2020-06-02
    plugin id129322
    published2019-09-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129322
    titleFedora 30 : expat (2019-9505c6b555)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3756.NASL
    descriptionAn update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-11-08
    plugin id130742
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130742
    titleRHEL 6 : thunderbird (RHSA-2019:3756)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3193.NASL
    descriptionAn update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Mozilla Firefox is an open source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es) : * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-05-31
    modified2019-10-24
    plugin id130190
    published2019-10-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130190
    titleRHEL 7 : firefox (RHSA-2019:3193)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2451.NASL
    descriptionThis update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack-based buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack-based buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Non-security issues fixed : - Added Provides-line for translations-common (bsc#1153423) . - Moved some settings from branding-package here (bsc#1153869). - Disabled DoH by default. Changes in MozillaFirefox-branding-SLE : - Moved extensions preferences to core package (bsc#1153869). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-05-31
    modified2019-11-12
    plugin id130885
    published2019-11-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130885
    titleopenSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2451)

Redhat

advisories
  • bugzilla
    id1764446
    titleCVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • commentfirefox is earlier than 0:68.2.0-1.el7_7
        ovaloval:com.redhat.rhsa:tst:20193193001
      • commentfirefox is signed with Red Hat redhatrelease2 key
        ovaloval:com.redhat.rhsa:tst:20100861006
    rhsa
    idRHSA-2019:3193
    released2019-10-24
    severityCritical
    titleRHSA-2019:3193: firefox security update (Critical)
  • bugzilla
    id1764446
    titleCVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentfirefox-debugsource is earlier than 0:68.2.0-2.el8_0
            ovaloval:com.redhat.rhsa:tst:20193196001
          • commentfirefox-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20190966002
        • AND
          • commentfirefox is earlier than 0:68.2.0-2.el8_0
            ovaloval:com.redhat.rhsa:tst:20193196003
          • commentfirefox is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100861006
    rhsa
    idRHSA-2019:3196
    released2019-10-24
    severityCritical
    titleRHSA-2019:3196: firefox security update (Critical)
  • bugzilla
    id1764446
    titleCVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • commentthunderbird is earlier than 0:68.2.0-1.el7_7
        ovaloval:com.redhat.rhsa:tst:20193210001
      • commentthunderbird is signed with Red Hat redhatrelease2 key
        ovaloval:com.redhat.rhsa:tst:20100896002
    rhsa
    idRHSA-2019:3210
    released2019-10-29
    severityImportant
    titleRHSA-2019:3210: thunderbird security update (Important)
  • bugzilla
    id1764446
    titleCVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentthunderbird-debugsource is earlier than 0:68.2.0-1.el8_0
            ovaloval:com.redhat.rhsa:tst:20193237001
          • commentthunderbird-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191144002
        • AND
          • commentthunderbird is earlier than 0:68.2.0-1.el8_0
            ovaloval:com.redhat.rhsa:tst:20193237003
          • commentthunderbird is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100896002
    rhsa
    idRHSA-2019:3237
    released2019-10-29
    severityImportant
    titleRHSA-2019:3237: thunderbird security update (Important)
  • bugzilla
    id1764446
    titleCVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • commentthunderbird is earlier than 0:68.2.0-2.el6_10
        ovaloval:com.redhat.rhsa:tst:20193756001
      • commentthunderbird is signed with Red Hat redhatrelease2 key
        ovaloval:com.redhat.rhsa:tst:20100896002
    rhsa
    idRHSA-2019:3756
    released2019-11-06
    severityImportant
    titleRHSA-2019:3756: thunderbird security update (Important)
rpms
  • firefox-0:68.2.0-1.el7_7
  • firefox-debuginfo-0:68.2.0-1.el7_7
  • firefox-0:68.2.0-2.el8_0
  • firefox-debuginfo-0:68.2.0-2.el8_0
  • firefox-debugsource-0:68.2.0-2.el8_0
  • thunderbird-0:68.2.0-1.el7_7
  • thunderbird-debuginfo-0:68.2.0-1.el7_7
  • thunderbird-0:68.2.0-1.el8_0
  • thunderbird-debuginfo-0:68.2.0-1.el8_0
  • thunderbird-debugsource-0:68.2.0-1.el8_0
  • thunderbird-0:68.2.0-2.el6_10
  • thunderbird-debuginfo-0:68.2.0-2.el6_10

References