ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2024.1002.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:1002-1)
Resumen:	The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:1002-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2024:1002-1 advisory. Vulnerability Insight: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850). - CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852). Firefox Extended Support Release 115.9.0 ESR (bsc#1221327): - CVE-2024-0743: Crash in NSS TLS method (bmo#1867408). - CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920). - CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939). - CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692). - CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197). - CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432). - CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112). - CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675). - CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444). - CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093). Affected Software/OS: 'MozillaFirefox' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-5388 https://bugzilla.mozilla.org/show_bug.cgi?id=1780432 https://www.mozilla.org/security/advisories/mfsa2024-12/ https://www.mozilla.org/security/advisories/mfsa2024-13/ https://www.mozilla.org/security/advisories/mfsa2024-14/ https://lists.debian.org/debian-lts-announce/2024/03/msg00022.html https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html Common Vulnerability Exposure (CVE) ID: CVE-2024-0743 https://bugzilla.mozilla.org/show_bug.cgi?id=1867408 https://lists.debian.org/debian-lts-announce/2024/03/msg00010.html https://www.mozilla.org/security/advisories/mfsa2024-01/ Common Vulnerability Exposure (CVE) ID: CVE-2024-1546 https://bugzilla.mozilla.org/show_bug.cgi?id=1843752 https://www.mozilla.org/security/advisories/mfsa2024-05/ https://www.mozilla.org/security/advisories/mfsa2024-06/ https://www.mozilla.org/security/advisories/mfsa2024-07/ https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2024-1547 https://bugzilla.mozilla.org/show_bug.cgi?id=1877879 Common Vulnerability Exposure (CVE) ID: CVE-2024-1548 https://bugzilla.mozilla.org/show_bug.cgi?id=1832627 Common Vulnerability Exposure (CVE) ID: CVE-2024-1549 https://bugzilla.mozilla.org/show_bug.cgi?id=1833814 Common Vulnerability Exposure (CVE) ID: CVE-2024-1550 https://bugzilla.mozilla.org/show_bug.cgi?id=1860065 Common Vulnerability Exposure (CVE) ID: CVE-2024-1551 https://bugzilla.mozilla.org/show_bug.cgi?id=1864385 Common Vulnerability Exposure (CVE) ID: CVE-2024-1552 https://bugzilla.mozilla.org/show_bug.cgi?id=1874502 Common Vulnerability Exposure (CVE) ID: CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855686%2C1867982%2C1871498%2C1872296%2C1873521%2C1873577%2C1873597%2C1873866%2C1874080%2C1874740%2C1875795%2C1875906%2C1876425%2C1878211%2C1878286 Common Vulnerability Exposure (CVE) ID: CVE-2024-2605 https://bugzilla.mozilla.org/show_bug.cgi?id=1872920 Common Vulnerability Exposure (CVE) ID: CVE-2024-2607 https://bugzilla.mozilla.org/show_bug.cgi?id=1879939 Common Vulnerability Exposure (CVE) ID: CVE-2024-2608 https://bugzilla.mozilla.org/show_bug.cgi?id=1880692 Common Vulnerability Exposure (CVE) ID: CVE-2024-2610 https://bugzilla.mozilla.org/show_bug.cgi?id=1871112 Common Vulnerability Exposure (CVE) ID: CVE-2024-2611 https://bugzilla.mozilla.org/show_bug.cgi?id=1876675 Common Vulnerability Exposure (CVE) ID: CVE-2024-2612 https://bugzilla.mozilla.org/show_bug.cgi?id=1879444 Common Vulnerability Exposure (CVE) ID: CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1685358%2C1861016%2C1880405%2C1881093 Common Vulnerability Exposure (CVE) ID: CVE-2024-2616 https://bugzilla.mozilla.org/show_bug.cgi?id=1846197 Common Vulnerability Exposure (CVE) ID: CVE-2024-29944 https://bugzilla.mozilla.org/show_bug.cgi?id=1886852 https://www.mozilla.org/security/advisories/mfsa2024-15/ https://www.mozilla.org/security/advisories/mfsa2024-16/ http://www.openwall.com/lists/oss-security/2024/03/23/1
Copyright	Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.