Vulnerabilities > CVE-2020-6822 - Out-of-bounds Write vulnerability in Mozilla Firefox
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-520.NASL description This update for MozillaThunderbird to version 68.7.0 fixes the following issues : - CVE-2020-6819: Use-after-free while running the nsDocShell destructor (boo#1168630) - CVE-2020-6820: Use-after-free when handling a ReadableStream (boo#1168630) - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage() (boo#1168874) - CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images (boo#1168874) - CVE-2020-6825: Memory safety bugs fixed (boo#1168874) last seen 2020-05-08 modified 2020-04-15 plugin id 135578 published 2020-04-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135578 title openSUSE Security Update : MozillaThunderbird (openSUSE-2020-520) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2020-520. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(135578); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/07"); script_cve_id("CVE-2020-6819", "CVE-2020-6820", "CVE-2020-6821", "CVE-2020-6822", "CVE-2020-6825"); script_name(english:"openSUSE Security Update : MozillaThunderbird (openSUSE-2020-520)"); script_summary(english:"Check for the openSUSE-2020-520 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for MozillaThunderbird to version 68.7.0 fixes the following issues : - CVE-2020-6819: Use-after-free while running the nsDocShell destructor (boo#1168630) - CVE-2020-6820: Use-after-free when handling a ReadableStream (boo#1168630) - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage() (boo#1168874) - CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images (boo#1168874) - CVE-2020-6825: Memory safety bugs fixed (boo#1168874)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1168630" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1168874" ); script_set_attribute( attribute:"solution", value:"Update the affected MozillaThunderbird packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/24"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/15"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.1", reference:"MozillaThunderbird-68.7.0-lp151.2.31.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"MozillaThunderbird-debuginfo-68.7.0-lp151.2.31.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"MozillaThunderbird-debugsource-68.7.0-lp151.2.31.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"MozillaThunderbird-translations-common-68.7.0-lp151.2.31.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"MozillaThunderbird-translations-other-68.7.0-lp151.2.31.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaThunderbird / MozillaThunderbird-debuginfo / etc"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-1489.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1489 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-05-01 plugin id 136194 published 2020-05-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136194 title CentOS 7 : thunderbird (CESA-2020:1489) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1489 and # CentOS Errata and Security Advisory 2020:1489 respectively. # include("compat.inc"); if (description) { script_id(136194); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05"); script_cve_id("CVE-2020-6819", "CVE-2020-6820", "CVE-2020-6821", "CVE-2020-6822", "CVE-2020-6825"); script_xref(name:"RHSA", value:"2020:1489"); script_name(english:"CentOS 7 : thunderbird (CESA-2020:1489)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing a security update." ); script_set_attribute( attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1489 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number." ); # https://lists.centos.org/pipermail/centos-announce/2020-April/035710.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?390c6263" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-6825"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:thunderbird"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/24"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"thunderbird-68.7.0-1.el7.centos", allowmaj:TRUE)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird"); }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-1488.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1488 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-28 plugin id 136017 published 2020-04-28 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136017 title CentOS 6 : thunderbird (CESA-2020:1488) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1488 and # CentOS Errata and Security Advisory 2020:1488 respectively. # include("compat.inc"); if (description) { script_id(136017); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05"); script_cve_id("CVE-2020-6819", "CVE-2020-6820", "CVE-2020-6821", "CVE-2020-6822", "CVE-2020-6825"); script_xref(name:"RHSA", value:"2020:1488"); script_name(english:"CentOS 6 : thunderbird (CESA-2020:1488)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing a security update." ); script_set_attribute( attribute:"description", value: "The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1488 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number." ); # https://lists.centos.org/pipermail/centos-announce/2020-April/035698.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f9366714" ); script_set_attribute( attribute:"solution", value:"Update the affected thunderbird package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-6825"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:thunderbird"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/24"); script_set_attribute(attribute:"patch_publication_date", value:"2020/04/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 6.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-6", reference:"thunderbird-68.7.0-1.el6.centos", allowmaj:TRUE)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "thunderbird"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1429.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1429 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-14 plugin id 135415 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135415 title RHEL 6 : firefox (RHSA-2020:1429) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1489.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1489 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-16 plugin id 135684 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135684 title RHEL 7 : thunderbird (RHSA-2020:1489) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2020-098-01.NASL description New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. last seen 2020-05-09 modified 2020-04-08 plugin id 135280 published 2020-04-08 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135280 title Slackware 14.2 / current : mozilla-firefox (SSA:2020-098-01) NASL family Scientific Linux Local Security Checks NASL id SL_20200416_THUNDERBIRD_ON_SL7_X.NASL description Security Fix(es) : - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) last seen 2020-05-31 modified 2020-04-21 plugin id 135845 published 2020-04-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135845 title Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20200416) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1488.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1488 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-16 plugin id 135687 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135687 title RHEL 6 : thunderbird (RHSA-2020:1488) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4655.NASL description Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. last seen 2020-05-08 modified 2020-04-10 plugin id 135366 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135366 title Debian DSA-4655-1 : firefox-esr - security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1420.NASL description The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1420 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-09 plugin id 135288 published 2020-04-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135288 title RHEL 7 : firefox (RHSA-2020:1420) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-1429.NASL description The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1429 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-28 plugin id 136016 published 2020-04-28 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136016 title CentOS 6 : firefox (CESA-2020:1429) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1496.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1496 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-16 plugin id 135691 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135691 title RHEL 8 : thunderbird (RHSA-2020:1496) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2170.NASL description Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For Debian 8 last seen 2020-05-08 modified 2020-04-10 plugin id 135363 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135363 title Debian DLA-2170-1 : firefox-esr security update NASL family Scientific Linux Local Security Checks NASL id SL_20200409_FIREFOX_ON_SL7_X.NASL description This update upgrades Firefox to version 68.7.0 ESR. Security Fix(es) : - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) last seen 2020-05-31 modified 2020-04-21 plugin id 135844 published 2020-04-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135844 title Scientific Linux Security Update : firefox on SL7.x x86_64 (20200409) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4335-1.NASL description Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-11745) It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. (CVE-2019-11755) A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2019-15903) It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792) Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795, CVE-2020-6822) It was discovered that if a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. (CVE-2020-6794) It was discovered that the Devtools last seen 2020-05-08 modified 2020-04-22 plugin id 135896 published 2020-04-22 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135896 title Ubuntu 16.04 LTS : thunderbird vulnerabilities (USN-4335-1) NASL family Scientific Linux Local Security Checks NASL id SL_20200416_THUNDERBIRD_ON_SL6_X.NASL description Security Fix(es) : - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) last seen 2020-05-31 modified 2020-04-17 plugin id 135716 published 2020-04-17 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135716 title Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20200416) NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_75_0.NASL description The version of Firefox installed on the remote macOS or Mac OS X host is prior to 75.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-12 advisory. - Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2020-6825) - When reading from areas partially or fully outside the source resource with WebGL last seen 2020-04-10 modified 2020-04-07 plugin id 135275 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135275 title Mozilla Firefox < 75.0 Multiple Vulnerabilities (mfsa2020-12) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4328-1.NASL description It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. (CVE-2020-6792) Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795, CVE-2020-6822) It was discovered that if a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords would still be accessible. A local user could exploit this to obtain sensitive information. (CVE-2020-6794) Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, obtain sensitive information, or execute arbitrary code. (CVE-2019-20503, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6812, CVE-2020-6814, CVE-2020-6819, CVE-2020-6820, CVE-2020-6821, CVE-2020-6825) It was discovered that the Devtools last seen 2020-05-08 modified 2020-04-14 plugin id 135455 published 2020-04-14 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135455 title Ubuntu 18.04 LTS / 19.10 : thunderbird vulnerabilities (USN-4328-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-493.NASL description This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues : - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874). - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874). - CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874). - CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874). - CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-05-08 modified 2020-04-14 plugin id 135446 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135446 title openSUSE Security Update : MozillaFirefox (openSUSE-2020-493) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-202004-11.NASL description The remote host is affected by the vulnerability described in GLSA-202004-11 (Mozilla Firefox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page, possibly resulting in the execution of arbitrary code with the privileges of the process, an information leak or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-05-08 modified 2020-04-24 plugin id 135947 published 2020-04-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135947 title GLSA-202004-11 : Mozilla Firefox: Multiple vulnerabilities NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2020-1429.NASL description The Mozilla Foundation Security Advisory describes this flaw as : On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in last seen 2020-06-06 modified 2020-05-21 plugin id 136752 published 2020-05-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136752 title Amazon Linux 2 : thunderbird (ALAS-2020-1429) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0971-1.NASL description This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues : CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874). CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874). CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874). CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874). CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2020-04-10 plugin id 135396 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135396 title SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:0971-1) NASL family Windows NASL id MOZILLA_FIREFOX_68_7_ESR.NASL description The version of Firefox ESR installed on the remote Windows host is prior to 68.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-13 advisory. - A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user last seen 2020-04-10 modified 2020-04-07 plugin id 135274 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135274 title Mozilla Firefox ESR < 68.7 Multiple Vulnerabilities (mfsa2020-13) NASL family Windows NASL id MOZILLA_THUNDERBIRD_68_7_0.NASL description The version of Thunderbird installed on the remote Windows host is prior to 68.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-14 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-16 modified 2020-04-14 plugin id 135413 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135413 title Mozilla Thunderbird < 68.7.0 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1495.NASL description From Red Hat Security Advisory 2020:1495 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1495 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-20 plugin id 135747 published 2020-04-20 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135747 title Oracle Linux 8 : thunderbird (ELSA-2020-1495) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1404.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1404 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-12 modified 2020-06-09 plugin id 137245 published 2020-06-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137245 title RHEL 8 : firefox (RHSA-2020:1404) NASL family Scientific Linux Local Security Checks NASL id SL_20200414_FIREFOX_ON_SL6_X.NASL description Security Fix(es) : - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) last seen 2020-05-31 modified 2020-04-15 plugin id 135575 published 2020-04-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135575 title Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20200414) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1406.NASL description From Red Hat Security Advisory 2020:1406 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1406 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-11 modified 2020-04-10 plugin id 135380 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135380 title Oracle Linux 8 : firefox (ELSA-2020-1406) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1420.NASL description From Red Hat Security Advisory 2020:1420 : The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1420 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-14 plugin id 135431 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135431 title Oracle Linux 7 : firefox (ELSA-2020-1420) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1406.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1406 advisory. - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-12 modified 2020-06-09 plugin id 137246 published 2020-06-09 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/137246 title RHEL 8 : firefox (RHSA-2020:1406) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2020-1489.NASL description From Red Hat Security Advisory 2020:1489 : The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1489 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-17 plugin id 135715 published 2020-04-17 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135715 title Oracle Linux 7 : thunderbird (ELSA-2020-1489) NASL family MacOS X Local Security Checks NASL id MACOS_THUNDERBIRD_68_7_0.NASL description The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-14 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-16 modified 2020-04-14 plugin id 135412 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135412 title Mozilla Thunderbird < 68.7.0 NASL family Windows NASL id MOZILLA_FIREFOX_75_0.NASL description The version of Firefox installed on the remote Windows host is prior to 75.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-12 advisory. - Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2020-6825) - When reading from areas partially or fully outside the source resource with WebGL last seen 2020-04-10 modified 2020-04-07 plugin id 135276 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135276 title Mozilla Firefox < 75.0 (mfsa2020-12) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4323-1.NASL description Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6821, CVE-2020-6822, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826) It was discovered that extensions could obtain auth codes from OAuth login flows in some circumstances. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain access to the user last seen 2020-05-09 modified 2020-04-08 plugin id 135284 published 2020-04-08 reporter Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135284 title Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : firefox vulnerabilities (USN-4323-1) NASL family MacOS X Local Security Checks NASL id MACOS_FIREFOX_68_7_ESR.NASL description The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-13 advisory. - A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user last seen 2020-04-10 modified 2020-04-07 plugin id 135273 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135273 title Mozilla Firefox ESR < 68.7 Multiple Vulnerabilities (mfsa2020-13) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0978-1.NASL description This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues : CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method (bsc#1168874). CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images (bsc#1168874). CVE-2020-6825: Fixed Memory safety bugs (bsc#1168874). CVE-2020-6827: Custom Tabs could have the URI spoofed (bsc#1168874). CVE-2020-6828: Preference overwrite via crafted Intent (bsc#1168874). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2020-04-10 plugin id 135397 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135397 title SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0978-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-544.NASL description This update for MozillaThunderbird to version 68.7.0 fixes the following issues : - CVE-2020-6819: Use-after-free while running the nsDocShell destructor (boo#1168630) - CVE-2020-6820: Use-after-free when handling a ReadableStream (boo#1168630) - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage() (boo#1168874) - CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images (boo#1168874) - CVE-2020-6825: Memory safety bugs fixed (boo#1168874) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-05-08 modified 2020-04-27 plugin id 136007 published 2020-04-27 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136007 title openSUSE Security Update : MozillaThunderbird (openSUSE-2020-544) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1495.NASL description The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1495 advisory. - Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) - Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) - Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) - Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) - Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-02 modified 2020-04-16 plugin id 135692 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135692 title RHEL 8 : thunderbird (RHSA-2020:1495) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-2172.NASL description Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. For Debian 8 last seen 2020-05-08 modified 2020-04-15 plugin id 135495 published 2020-04-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135495 title Debian DLA-2172-1 : thunderbird security update NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4656.NASL description Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. last seen 2020-05-08 modified 2020-04-14 plugin id 135417 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135417 title Debian DSA-4656-1 : thunderbird - security update
Redhat
rpms |
|
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1544181
- https://bugzilla.mozilla.org/show_bug.cgi?id=1544181
- https://usn.ubuntu.com/4335-1/
- https://usn.ubuntu.com/4335-1/
- https://www.mozilla.org/security/advisories/mfsa2020-12/
- https://www.mozilla.org/security/advisories/mfsa2020-12/
- https://www.mozilla.org/security/advisories/mfsa2020-13/
- https://www.mozilla.org/security/advisories/mfsa2020-13/
- https://www.mozilla.org/security/advisories/mfsa2020-14/
- https://www.mozilla.org/security/advisories/mfsa2020-14/