openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:4086-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856755

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:4086-1)

Resumen: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:4086-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:4086-1 advisory.

Vulnerability Insight:
This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 128.5.0 ESR, fixed various security fixes
and other quality improvements, MFSA 2024-64 (bsc#1233695):

* CVE-2024-11691: Memory corruption in Apple GPU drivers
* CVE-2024-11692: Select list elements could be shown over another site
* CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows
* CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims
* CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
* CVE-2024-11696: Unhandled Exception in Add-on Signature Verification
* CVE-2024-11697: Inproper Keypress Handling in Executable File Confirmation Dialog
* CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS
* CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5

Affected Software/OS:
'MozillaFirefox' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-11691
Common Vulnerability Exposure (CVE) ID: CVE-2024-11692
Common Vulnerability Exposure (CVE) ID: CVE-2024-11693
Common Vulnerability Exposure (CVE) ID: CVE-2024-11694
Common Vulnerability Exposure (CVE) ID: CVE-2024-11695
Common Vulnerability Exposure (CVE) ID: CVE-2024-11696
Common Vulnerability Exposure (CVE) ID: CVE-2024-11697
Common Vulnerability Exposure (CVE) ID: CVE-2024-11698
Common Vulnerability Exposure (CVE) ID: CVE-2024-11699

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856755
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:4086-1)
Resumen:	The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:4086-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:4086-1 advisory. Vulnerability Insight: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.5.0 ESR, fixed various security fixes and other quality improvements, MFSA 2024-64 (bsc#1233695): * CVE-2024-11691: Memory corruption in Apple GPU drivers * CVE-2024-11692: Select list elements could be shown over another site * CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11696: Unhandled Exception in Add-on Signature Verification * CVE-2024-11697: Inproper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS * CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5 Affected Software/OS: 'MozillaFirefox' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-11691 Common Vulnerability Exposure (CVE) ID: CVE-2024-11692 Common Vulnerability Exposure (CVE) ID: CVE-2024-11693 Common Vulnerability Exposure (CVE) ID: CVE-2024-11694 Common Vulnerability Exposure (CVE) ID: CVE-2024-11695 Common Vulnerability Exposure (CVE) ID: CVE-2024-11696 Common Vulnerability Exposure (CVE) ID: CVE-2024-11697 Common Vulnerability Exposure (CVE) ID: CVE-2024-11698 Common Vulnerability Exposure (CVE) ID: CVE-2024-11699
Copyright	Copyright (C) 2024 Greenbone AG