 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.4.2022.3272.1 |
| Category: | SuSE Local Security Checks |
| Title: | SUSE: Security Advisory (SUSE-SU-2022:3272-1) |
| Summary: | The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2022:3272-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2022:3272-1 advisory. Vulnerability Insight: This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38476 (bmo#1760998) Data race and potential use-after-free in PK11_ChangePW * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 Firefox Extended Support Release 102.1 ESR * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-30 (bsc#1201758) * CVE-2022-36319 (bmo#1737722) Mouse Position spoofing with CSS transforms * CVE-2022-36318 (bmo#1771774) Directory indexes for bundled resources reflected URL parameters * CVE-2022-36314 (bmo#1773894) Opening local .lnk files could cause unexpectednetwork loads * CVE-2022-2505 (bmo#1769739, bmo#1772824) Memory safety bugs fixed in Firefox 103 and 102.1 - Firefox Extended Support Release 102.0.1 ESR * Fixed: Fixed bookmark shortcut creation by dragging to Windows File Explorer and dropping partially broken (bmo#1774683) * Fixed: Fixed bookmarks sidebar flashing white when opened in dark mode (bmo#1776157) * Fixed: Fixed multilingual spell checking not working with content in both English and a non-Latin alphabet (bmo#1773802) * Fixed: Developer tools: Fixed an issue where the console output keep getting scrolled to the bottom when the last visible message is an evaluation result (bmo#1776262) * Fixed: Fixed *Delete cookies and site data when Firefox is closed* checkbox getting disabled on startup (bmo#1777419) * Fixed: Various stability fixes Firefox 102.0 ESR: * New: - We now provide more secure connections: Firefox can now automatically upgrade to HTTPS using HTTPS RR as Alt-Svc headers. - For added viewing pleasure, full-range color levels are now supported for video playback on many systems. - Find it easier now! Mac users can now access the macOS share options from the Firefox File menu. - Voila! Support for images containing ICC v4 profiles is enabled on macOS. - Firefox now supports the new AVIF image format, which is based on the modern and royalty-free AV1 video codec. It offers significant bandwidth savings for sites compared to existing image formats. It also supports transparency and other advanced features. - Firefox PDF viewer now supports filling more forms (e.g., XFA-based forms, used by multiple governments and banks). Learn more. - When available system memory is critically low, Firefox on Windows will automatically unload tabs ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'MozillaFirefox' package(s) on SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15-SP1, SUSE Linux Enterprise Server for SAP Applications 15, SUSE Linux Enterprise Server for SAP Applications 15-SP1. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-2200 https://bugzilla.mozilla.org/show_bug.cgi?id=1771381 https://www.mozilla.org/security/advisories/mfsa2022-24/ https://www.mozilla.org/security/advisories/mfsa2022-25/ https://www.mozilla.org/security/advisories/mfsa2022-26/ Common Vulnerability Exposure (CVE) ID: CVE-2022-2505 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1769739%2C1772824 https://www.mozilla.org/security/advisories/mfsa2022-28/ https://www.mozilla.org/security/advisories/mfsa2022-30/ https://www.mozilla.org/security/advisories/mfsa2022-32/ Common Vulnerability Exposure (CVE) ID: CVE-2022-34468 https://bugzilla.mozilla.org/show_bug.cgi?id=1768537 Common Vulnerability Exposure (CVE) ID: CVE-2022-34469 https://bugzilla.mozilla.org/show_bug.cgi?id=1721220 Common Vulnerability Exposure (CVE) ID: CVE-2022-34470 https://bugzilla.mozilla.org/show_bug.cgi?id=1765951 Common Vulnerability Exposure (CVE) ID: CVE-2022-34471 https://bugzilla.mozilla.org/show_bug.cgi?id=1766047 Common Vulnerability Exposure (CVE) ID: CVE-2022-34472 https://bugzilla.mozilla.org/show_bug.cgi?id=1770123 Common Vulnerability Exposure (CVE) ID: CVE-2022-34473 https://bugzilla.mozilla.org/show_bug.cgi?id=1770888 Common Vulnerability Exposure (CVE) ID: CVE-2022-34474 https://bugzilla.mozilla.org/show_bug.cgi?id=1677138 Common Vulnerability Exposure (CVE) ID: CVE-2022-34475 https://bugzilla.mozilla.org/show_bug.cgi?id=1757210 Common Vulnerability Exposure (CVE) ID: CVE-2022-34476 https://bugzilla.mozilla.org/show_bug.cgi?id=1387919 Common Vulnerability Exposure (CVE) ID: CVE-2022-34477 https://bugzilla.mozilla.org/show_bug.cgi?id=1731614 Common Vulnerability Exposure (CVE) ID: CVE-2022-34478 https://bugzilla.mozilla.org/show_bug.cgi?id=1773717 Common Vulnerability Exposure (CVE) ID: CVE-2022-34479 https://bugzilla.mozilla.org/show_bug.cgi?id=1745595 Common Vulnerability Exposure (CVE) ID: CVE-2022-34480 https://bugzilla.mozilla.org/show_bug.cgi?id=1454072 Common Vulnerability Exposure (CVE) ID: CVE-2022-34481 https://bugzilla.mozilla.org/show_bug.cgi?id=1497246 Common Vulnerability Exposure (CVE) ID: CVE-2022-34482 https://bugzilla.mozilla.org/show_bug.cgi?id=845880 Common Vulnerability Exposure (CVE) ID: CVE-2022-34483 https://bugzilla.mozilla.org/show_bug.cgi?id=1335845 Common Vulnerability Exposure (CVE) ID: CVE-2022-34484 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763634%2C1772651 Common Vulnerability Exposure (CVE) ID: CVE-2022-34485 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1768409%2C1768578 Common Vulnerability Exposure (CVE) ID: CVE-2022-36314 https://bugzilla.mozilla.org/show_bug.cgi?id=1773894 Common Vulnerability Exposure (CVE) ID: CVE-2022-36318 https://bugzilla.mozilla.org/show_bug.cgi?id=1771774 https://www.mozilla.org/security/advisories/mfsa2022-29/ https://www.mozilla.org/security/advisories/mfsa2022-31/ Common Vulnerability Exposure (CVE) ID: CVE-2022-36319 https://bugzilla.mozilla.org/show_bug.cgi?id=1737722 Common Vulnerability Exposure (CVE) ID: CVE-2022-38472 https://bugzilla.mozilla.org/show_bug.cgi?id=1769155 https://www.mozilla.org/security/advisories/mfsa2022-33/ https://www.mozilla.org/security/advisories/mfsa2022-34/ https://www.mozilla.org/security/advisories/mfsa2022-35/ https://www.mozilla.org/security/advisories/mfsa2022-36/ https://www.mozilla.org/security/advisories/mfsa2022-37/ Common Vulnerability Exposure (CVE) ID: CVE-2022-38473 https://bugzilla.mozilla.org/show_bug.cgi?id=1771685 Common Vulnerability Exposure (CVE) ID: CVE-2022-38476 https://bugzilla.mozilla.org/show_bug.cgi?id=1760998 Common Vulnerability Exposure (CVE) ID: CVE-2022-38477 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363 Common Vulnerability Exposure (CVE) ID: CVE-2022-38478 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1770630%2C1776658 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |