rpm package
suse/MozillaThunderbird&distro=SUSE Package Hub 12
pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Package%20Hub%2012
Vulnerabilities (265)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1956 | Med | 6.5 | < 45.2-6.1 | 45.2-6.1 | Mar 13, 2016 | Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. | |
| CVE-2016-1955 | Med | 4.3 | < 45.2-6.1 | 45.2-6.1 | Mar 13, 2016 | Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. | |
| CVE-2016-1954 | Hig | 8.8 | < 45.2-6.1 | 45.2-6.1 | Mar 13, 2016 | The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a den | |
| CVE-2016-1953 | Hig | 8.8 | < 45.2-6.1 | 45.2-6.1 | Mar 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and | |
| CVE-2016-1952 | Hig | 8.8 | < 45.2-6.1 | 45.2-6.1 | Mar 13, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
- affected < 45.2-6.1fixed 45.2-6.1
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.
- affected < 45.2-6.1fixed 45.2-6.1
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.
- affected < 45.2-6.1fixed 45.2-6.1
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a den
- affected < 45.2-6.1fixed 45.2-6.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and
- affected < 45.2-6.1fixed 45.2-6.1
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Page 14 of 14