Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:14456-1)
Summary:The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2020:14456-1 advisory.
The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2020:14456-1 advisory.

Vulnerability Insight:
This update for MozillaFirefox fixes the following issues:

Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes

Google API key is not usable for geolocation service any more

Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe (MFSA
2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872) Potential leak of redirect targets when
loading scripts in a worker
* CVE-2020-6514 (bmo#1642792) WebRTC data channel leaks internal address
to peer
* CVE-2020-15655 (bmo#1645204) Extension APIs could be used to bypass
Same-Origin Policy
* CVE-2020-15653 (bmo#1521542) Bypassing iframe sandbox when allowing
* CVE-2020-6463 (bmo#1635293) Use-after-free in ANGLE
* CVE-2020-15656 (bmo#1647293) Type confusion for special arguments in
* CVE-2020-15658 (bmo#1637745) Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954) DLL hijacking due to incorrect loading
* CVE-2020-15654 (bmo#1648333) Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613, bmo#1644839,
bmo#1645835, bmo#1646006, bmo#1646787, bmo#1649347, bmo#1650811,
bmo#1651678) Memory safety bugs fixed in Firefox 79 and Firefox ESR

Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms

Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076) X-Frame-Options bypass using object or
embed tags
* Fixed: Fixed an accessibility regression in reader mode (bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption in the
user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external applications

Affected Software/OS:
'MozillaFirefox' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-6463
Debian Security Information: DSA-4714 (Google Search)
Debian Security Information: DSA-4736 (Google Search)
Debian Security Information: DSA-4740 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0823 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0832 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1147 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1155 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1179 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1189 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1205 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-6514
Debian Security Information: DSA-4824 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1048 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1061 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1148 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1172 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.