Headline
RHSA-2023:3155: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks.
- CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have led to a crash in the RLBox Expat driver.
- CVE-2023-32207: The Mozilla Foundation Security Advisory describes this flaw as: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions.
- CVE-2023-32211: The Mozilla Foundation Security Advisory describes this flaw as: A type checking bug would have led to invalid code being compiled.
- CVE-2023-32212: The Mozilla Foundation Security Advisory describes this flaw as:
An attacker could have positioned a
datalistelement to obscure the address bar. - CVE-2023-32213: The Mozilla Foundation Security Advisory describes this flaw as: When reading a file, an uninitialized value could have been used as read limit.
- CVE-2023-32215: The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-05-16
Updated:
2023-05-16
RHSA-2023:3155 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.11.0.
Security Fix(es):
- Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205)
- Mozilla: Crash in RLBox Expat driver (CVE-2023-32206)
- Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207)
- Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215)
- Mozilla: Content process crash due to invalid wasm code (CVE-2023-32211)
- Mozilla: Potential spoof due to obscured address bar (CVE-2023-32212)
- Mozilla: Potential memory corruption in FileReader::DoReadData() (CVE-2023-32213)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Thunderbird must be restarted for the update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2196736 - CVE-2023-32205 Mozilla: Browser prompts could have been obscured by popups
- BZ - 2196737 - CVE-2023-32206 Mozilla: Crash in RLBox Expat driver
- BZ - 2196738 - CVE-2023-32207 Mozilla: Potential permissions request bypass via clickjacking
- BZ - 2196740 - CVE-2023-32211 Mozilla: Content process crash due to invalid wasm code
- BZ - 2196741 - CVE-2023-32212 Mozilla: Potential spoof due to obscured address bar
- BZ - 2196742 - CVE-2023-32213 Mozilla: Potential memory corruption in FileReader::DoReadData()
- BZ - 2196753 - CVE-2023-32215 Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
CVEs
- CVE-2023-32205
- CVE-2023-32206
- CVE-2023-32207
- CVE-2023-32211
- CVE-2023-32212
- CVE-2023-32213
- CVE-2023-32215
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
x86_64
thunderbird-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 92737c324115282d68032ef271e9018269bc8428b498a3c5ac307d75053781ce
thunderbird-debuginfo-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 7219d5cac44684a3863ec48b2137a327e7159b896a34edefad1a59fa25e55934
thunderbird-debugsource-102.11.0-1.el8_6.x86_64.rpm
SHA-256: a5982754be9ba92f9fce2cded83841a1e33b75026dc39ddf3e46c3eb0bc23ed8
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
x86_64
thunderbird-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 92737c324115282d68032ef271e9018269bc8428b498a3c5ac307d75053781ce
thunderbird-debuginfo-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 7219d5cac44684a3863ec48b2137a327e7159b896a34edefad1a59fa25e55934
thunderbird-debugsource-102.11.0-1.el8_6.x86_64.rpm
SHA-256: a5982754be9ba92f9fce2cded83841a1e33b75026dc39ddf3e46c3eb0bc23ed8
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
s390x
thunderbird-102.11.0-1.el8_6.s390x.rpm
SHA-256: 8208b99a51d81dec8c89805f0f740cacd2a4cdb8bb39beb1a762016d5b46db02
thunderbird-debuginfo-102.11.0-1.el8_6.s390x.rpm
SHA-256: 966790791116d146ae0284d7798b0bcf0d96cf2f8f3e5e2ba5749f5318bf383d
thunderbird-debugsource-102.11.0-1.el8_6.s390x.rpm
SHA-256: b17b758a8df4d729568b500a02b92d24514ba741e7fcc72b98fc1736a6a3faac
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
ppc64le
thunderbird-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: 8242b633499b8fe990d69be7000413b01b8a202c2fc8f36478a51d5a792919c7
thunderbird-debuginfo-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: b1ea989d98fc689fdcc13b7a5906f42561f57669f527cd3f1e8a6c2c0fa564ae
thunderbird-debugsource-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: ebf8b6e89a0d1706071af9c96c00ed2e4d013ad31ec67416d0e0329fbd18da74
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
x86_64
thunderbird-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 92737c324115282d68032ef271e9018269bc8428b498a3c5ac307d75053781ce
thunderbird-debuginfo-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 7219d5cac44684a3863ec48b2137a327e7159b896a34edefad1a59fa25e55934
thunderbird-debugsource-102.11.0-1.el8_6.x86_64.rpm
SHA-256: a5982754be9ba92f9fce2cded83841a1e33b75026dc39ddf3e46c3eb0bc23ed8
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
aarch64
thunderbird-102.11.0-1.el8_6.aarch64.rpm
SHA-256: 23867f1290fc7219d9a33a814f78c525a8d10cb0dd93ddf8c493ad0bca8286ad
thunderbird-debuginfo-102.11.0-1.el8_6.aarch64.rpm
SHA-256: b7de9b36de4234abbe1e5492e787dfbd1d6e172e8dda4d1155dbe0ce125acffe
thunderbird-debugsource-102.11.0-1.el8_6.aarch64.rpm
SHA-256: 1dfa3471845ef2cc6ea9f541797117314828f1308a4670ac157c024810f690a7
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
ppc64le
thunderbird-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: 8242b633499b8fe990d69be7000413b01b8a202c2fc8f36478a51d5a792919c7
thunderbird-debuginfo-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: b1ea989d98fc689fdcc13b7a5906f42561f57669f527cd3f1e8a6c2c0fa564ae
thunderbird-debugsource-102.11.0-1.el8_6.ppc64le.rpm
SHA-256: ebf8b6e89a0d1706071af9c96c00ed2e4d013ad31ec67416d0e0329fbd18da74
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
thunderbird-102.11.0-1.el8_6.src.rpm
SHA-256: c5b206bc43c1eb3f4369ee3d54440bffc571e6b6d5f04bee7c4a239421a7567b
x86_64
thunderbird-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 92737c324115282d68032ef271e9018269bc8428b498a3c5ac307d75053781ce
thunderbird-debuginfo-102.11.0-1.el8_6.x86_64.rpm
SHA-256: 7219d5cac44684a3863ec48b2137a327e7159b896a34edefad1a59fa25e55934
thunderbird-debugsource-102.11.0-1.el8_6.x86_64.rpm
SHA-256: a5982754be9ba92f9fce2cded83841a1e33b75026dc39ddf3e46c3eb0bc23ed8
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Gentoo Linux Security Advisory 202312-3 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 102.12 are affected.
Ubuntu Security Notice 6074-3 - USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service. Anne van Kesteren discovered that Firefox did not properly validate the import call in service workers. An attacker could potentially exploits this to obtain sensitive information. Sam Ezeh discovered that Firefox did not properly handle certain favicon image files. If a user were tricked into opening a malicious favicon file, an attacker could cause a den...
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have ...
Red Hat Security Advisory 2023-3154-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-3155-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-3138-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-3143-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-3139-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-3150-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Issues addressed include a bypass vulnerability.
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have ...
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out...
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to pote...
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have ...
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw ...
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out...
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have led ...
An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-...
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have led ...
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potentia...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32205: The Mozilla Foundation Security Advisory describes this flaw as: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. * CVE-2023-32206: The Mozilla Foundation Security Advisory describes this flaw as: ...
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5403-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6075-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Irvan Kurniawan discovered that Thunderbird did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Ubuntu Security Notice 6074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage memory when using RLBox Expat driver. An attacker could potentially exploits this issue to cause a denial of service.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.
Debian Linux Security Advisory 5400-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, spoofing or permission request bypass.