Threats Tagged 'cve-2024-9401'

A security advisory from Red Hat addresses multiple vulnerabilities in Mozilla Firefox and Thunderbird, including denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass via clickjacking, external protocol handler enumeration, memory corruption issues, cross-origin access to PDF and JSON contents, and site isolation bypass. These issues affect Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3. The advisory provides updates to mitigate these vulnerabilities for Red Hat Enterprise Linux 9.0 variants.

A security update for Mozilla Firefox and Thunderbird addresses multiple vulnerabilities including denial of service via specially crafted WebTransport requests, memory safety bugs, clickjacking leading to directory upload bypass, cross-origin data access through multipart responses, and site isolation bypass by compromised content processes. These issues affect various Firefox and Thunderbird versions including Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3. The update is provided by Red Hat for their Enterprise Linux 9.2 Extended Update Support and related variants.

Red Hat has issued a security advisory for Firefox addressing multiple vulnerabilities including denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass via clickjacking, external protocol handler enumeration, memory corruption issues, cross-origin access to PDF and JSON contents, and site isolation bypass. These issues affect Firefox and Thunderbird components and have been fixed in updated versions. The advisory rates the security impact as Important and provides updates for Red Hat Enterprise Linux 8.2. Users are advised to apply the provided updates to mitigate these vulnerabilities.

A security update for Mozilla Firefox and Thunderbird addresses multiple vulnerabilities including denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass via clickjacking, external protocol handler enumeration, memory corruption issues, cross-origin access to PDF and JSON contents, and site isolation bypass. These issues affect Firefox 131, Firefox ESR 115.16 and 128.3, Thunderbird 131, and Thunderbird 128.3. The update is rated as important by Red Hat Product Security and applies to Red Hat Enterprise Linux 8.4 variants. No CVSS scores are provided in the advisory.

Multiple security vulnerabilities affecting Mozilla Firefox and Thunderbird have been addressed in a Red Hat security update. These include denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass via clickjacking, external protocol handler enumeration, memory corruption issues, cross-origin access to PDF and JSON contents, and site isolation bypass. The update is rated as important by Red Hat Product Security and applies to Red Hat Enterprise Linux 8.6 variants. Users are advised to apply the update to mitigate these issues.

A security advisory from Red Hat addresses multiple vulnerabilities in Mozilla Firefox and Thunderbird, including denial of service, memory safety bugs, clickjacking, cross-origin data access, and site isolation bypass. These issues affect various versions of Firefox and Thunderbird, with fixes provided in Firefox 115.16, 128.3 ESR, and Firefox 131, as well as corresponding Thunderbird versions. The vulnerabilities cover a range of weaknesses such as memory corruption, protocol handler enumeration, and bypasses of security mechanisms. Red Hat has released updated packages for Red Hat Enterprise Linux 8 to remediate these issues.

A security update for Mozilla Firefox and Thunderbird addresses multiple vulnerabilities including denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass via clickjacking, external protocol handler enumeration, memory corruption during JIT compilation and object cloning, cross-origin access to PDF and JSON contents, and bypass of site isolation by compromised content processes. These issues affect various Firefox and Thunderbird versions including Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3. The update is provided by Red Hat for its Enterprise Linux 8.8 Extended Update Support variants. The vulnerabilities have been rated with an overall high severity by Red Hat Product Security.

A security update for Mozilla Firefox and Thunderbird addresses multiple vulnerabilities including denial of service via specially crafted WebTransport requests, memory safety bugs, potential directory upload bypass through clickjacking, external protocol handler enumeration, memory corruption during JIT compilation and object cloning, cross-origin access to PDF and JSON contents, and site isolation bypass by compromised content processes. These issues affect Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3. The update is rated as important by Red Hat and is available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.