Количество 14
Количество 14
BDU:2024-06700
Уязвимость браузера Firefox, Firefox ESR, связанная с отсутствием диалогового окна подтверждения при открытии связанных с Usenet схем "news:" и "snews:", позволяющая нарушителю загрузить произвольное приложение и выполнить произвольный код
ROS-20241009-02
Множественные уязвимости firefox
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
CVE-2024-8383
Firefox normally asks for confirmation before asking the operating sys ...
GHSA-794f-5gfq-xmmq
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
SUSE-SU-2024:3157-1
Security update for MozillaFirefox
SUSE-SU-2024:3152-1
Security update for MozillaFirefox
RLSA-2024:6682
Important: firefox security update
RLSA-2024:6681
Important: firefox security update
ELSA-2024-6838
ELSA-2024-6838: firefox update (IMPORTANT)
ELSA-2024-6682
ELSA-2024-6682: firefox security update (IMPORTANT)
ELSA-2024-6681
ELSA-2024-6681: firefox security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-06700 Уязвимость браузера Firefox, Firefox ESR, связанная с отсутствием диалогового окна подтверждения при открытии связанных с Usenet схем "news:" и "snews:", позволяющая нарушителю загрузить произвольное приложение и выполнить произвольный код | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | ROS-20241009-02 Множественные уязвимости firefox | CVSS3: 9.8 | около 1 года назад | |
 | CVE-2024-8383 Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-8383 Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | CVE-2024-8383 Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| CVE-2024-8383 Firefox normally asks for confirmation before asking the operating sys ... | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
| GHSA-794f-5gfq-xmmq Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating systems don't have a trusted newsreader installed by default, an unscrupulous program that the user downloaded could register itself as a handler. The website that served the application download could then launch that application at will This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. | CVSS3: 7.5 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2024:3157-1 Security update for MozillaFirefox | около 1 года назад | ||
| SUSE-SU-2024:3152-1 Security update for MozillaFirefox | около 1 года назад | ||
 | RLSA-2024:6682 Important: firefox security update | около 1 года назад | ||
| RLSA-2024:6681 Important: firefox security update | около 1 года назад | ||
| ELSA-2024-6838 ELSA-2024-6838: firefox update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-6682 ELSA-2024-6682: firefox security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-6681 ELSA-2024-6681: firefox security update (IMPORTANT) | около 1 года назад |
Уязвимостей на страницу