Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
More Stories
USN-7050-1: Devise-Two-Factor vulnerabilities
Benoit Côté-Jodoin and Michael Nipper discovered that Devise-Two-Factor incorrectly handled one-time password validation. An attacker could possibly use this issue...
USN-7022-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7043-2: cups-filters vulnerability
USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Simone...
USN-7049-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to...
USN-7003-5: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...
webkitgtk-2.46.1-1.fc39
FEDORA-2024-e1357fc22f Packages in this update: webkitgtk-2.46.1-1.fc39 Update description: Fix login QR code not shown in WhatsApp web. Disable PSON by...